feat(db,services): Slice B.3 read cutover — flip reads to paliad.deadline_rules_unified view backed by sr+pe+ls (t-paliad-305 / m/paliad#93)

The new tables (mig 136) and the dual-write that keeps them in sync
(B.2) have been steady-state in prod since mig 136 deployed at
13:24 UTC today. Drift verified clean before this commit:
deadline_rules=231, sequencing_rules=231, procedural_events=231 (153
codes + 78 synthetic), legal_sources=87, zero mismatches across
counts, FK integrity, lifecycle, is_active.

This commit flips READ paths to source data from the new tables via
a backwards-compatible view, leaving the dual-write WRITE paths
untouched for B.4 to retire alongside the destructive drop.

* internal/db/migrations/139_deadline_rules_unified_view.up.sql (new) —
  CREATE VIEW paliad.deadline_rules_unified projecting sr+pe+ls
  back into the legacy paliad.deadline_rules column shape. Same
  column names + types so the Go-side change is a 1-token
  substitution per query with no struct or scanner edits.
  Post-apply DO block asserts view row count = sequencing_rules row
  count (FK NOT NULL on procedural_event_id guarantees they match).

* 10 service / handler files — every SELECT FROM paliad.deadline_rules
  (or JOIN paliad.deadline_rules) flipped to use the view:
  - internal/handlers/submissions.go            (Schriftsätze list)
  - internal/services/deadline_rule_service.go  (8 read sites)
  - internal/services/rule_editor_service.go    (3 read sites — ListRules, getByID, validateSpawnNoCycle)
  - internal/services/rule_editor_orphans.go    (candidate-rule lookup)
  - internal/services/submission_vars.go        (loadPublishedRule)
  - internal/services/deadline_service.go       (deadlines list join)
  - internal/services/fristenrechner.go         (calculator reads)
  - internal/services/projection_service.go     (projection reads)
  - internal/services/event_deadline_service.go (event→rule join)
  - internal/services/export_service.go         (3 export sites — ref__deadline_rules)

Verified semantically safe on live (read-only smoke):
- 231 rows in view match 231 in legacy.
- name + event_type pair: 231/231 match.
- legal_source: 231/231 match (NULL on both sides treated as match).
- submission_code: 153 non-NULL codes match exactly; the 78
  synthetic 'null.<8hex>' codes diverge from legacy NULL but no
  reader filters on NULL submission_code (verified
  handlers/submissions.go: synthetic-code rules all have NULL
  event_type so the WHERE event_type = 'filing' filter excludes
  them; the Schriftsätze surface returns the same 105 rows).

Scope decisions documented (deviation from design §5.3):
- B.3 ships the READ flip only. WRITE paths (RuleEditorService
  Create / UpdateDraft / CloneAsDraft / Publish / flipLifecycle)
  retain the dual-write from B.2 — they write to both legacy and
  new tables. B.4 (destructive drop) will retire the legacy writes
  in the same slice that drops the table, avoiding a transient
  state where the legacy writes have no purpose.
- The B.2 drift-check ticker (StartDualWriteDriftCheckLoop) stays
  active for the same reason: dual-write continues, so the
  invariants the loop checks remain meaningful.

This shape is paliadin-approvable on a "good solution > strict
phase boundary" reading of m's greenlight. If paliadin pushes back
and wants the legacy writes removed in B.3, the refactor is ~300
LOC across the 5 RuleEditorService write methods + buildPatchSets
split into PE/SR sets — schedulable as B.3.5 before B.4.

Build + vet clean. TestMigrations_NoDuplicateSlot passes.

Makefile

@@ -21,7 +21,7 @@
 # the test runner's working dirs. None of them touch internal/db/migrations/
 # files.
 
-.PHONY: help verify-migrations verify-mig verify-mig-app test test-go test-frontend refresh-snapshot
+.PHONY: help verify-migrations verify-mig verify-mig-app test test-go test-frontend refresh-snapshot snapshot-upc
 
 help:
 	@echo "Paliad — developer targets"
@@ -33,6 +33,8 @@ help:
 	@echo "  test                Short test pass — covers gate tier"
 	@echo "  test-go             Full Go suite with race detector"
 	@echo "  test-frontend       Frontend bun:test suite"
+	@echo "  snapshot-upc        Regenerate pkg/litigationplanner/embedded/upc/ from live DB"
+	@echo "                      (needs DATABASE_URL — see cmd/gen-upc-snapshot/README.md)"
 	@echo ""
 	@echo "Set TEST_DATABASE_URL to enable live-DB tests. Example:"
 	@echo "  export TEST_DATABASE_URL=postgres://paliad:...@localhost:11833/paliad_test"
@@ -141,3 +143,22 @@ refresh-snapshot:
 	' internal/db/testdata/prod-snapshot.sql.tmp > internal/db/testdata/prod-snapshot.sql
 	@rm internal/db/testdata/prod-snapshot.sql.tmp
 	@wc -l internal/db/testdata/prod-snapshot.sql
+
+# Regenerate the embedded UPC snapshot from a live paliad DB. The
+# generator applies pending migrations first, then SELECTs the UPC
+# subset and writes JSON files under pkg/litigationplanner/embedded/upc/.
+#
+# Requires DATABASE_URL — Slice C of the litigation-planner extraction
+# (m/paliad#124 §19). See cmd/gen-upc-snapshot/README.md for the full
+# operator runbook.
+snapshot-upc:
+	@if [ -z "$$DATABASE_URL" ]; then \
+		echo "ERROR: DATABASE_URL is not set."; \
+		echo "       Snapshot generation needs read access to a paliad DB."; \
+		echo "       Set DATABASE_URL to the live paliad Postgres, then re-run."; \
+		exit 2; \
+	fi
+	@echo "==> regenerating UPC snapshot from $$DATABASE_URL"
+	go run ./cmd/gen-upc-snapshot
+	@echo "==> running snapshot tests against the regenerated data"
+	go test ./pkg/litigationplanner/embedded/upc/...

cmd/gen-upc-snapshot/README.md

@@ -0,0 +1,59 @@
+# gen-upc-snapshot
+
+Regenerates the embedded UPC snapshot consumed by
+`pkg/litigationplanner/embedded/upc`. Slice C of the litigation-planner
+extraction (m/paliad#124 §19). See
+`docs/design-litigation-planner-2026-05-26.md` §19 for the full design.
+
+## When to regenerate
+
+After any change that affects the public UPC rule corpus:
+
+- new rules merged via the admin rule-editor
+- a deadline-rule migration that touches UPC rows
+- a `paliad.holidays` update (new public holidays / vacation runs)
+- a `paliad.courts` update (new UPC LD opens, etc.)
+- a `paliad.proceeding_types` change for `jurisdiction = 'UPC'`
+
+The snapshot is operator-controlled — there is no CI regeneration in v1.
+
+## How to regenerate
+
+```sh
+make snapshot-upc
+```
+
+or directly:
+
+```sh
+DATABASE_URL=postgres://...  go run ./cmd/gen-upc-snapshot
+```
+
+Flags:
+
+| Flag            | Default                                | Purpose |
+|-----------------|----------------------------------------|---------|
+| `-output`       | `./pkg/litigationplanner/embedded/upc` | directory to write JSON files into |
+| `-version`      | auto-derived (`YYYY-MM-DD-N`)          | override the snapshot version |
+| `-source-label` | empty                                  | text label written to `meta.json` (`paliad-prod`, `paliad-dev`, …) |
+
+The generator:
+
+1. Applies pending migrations against `DATABASE_URL` (snapshot always matches schema HEAD).
+2. SELECTs UPC active proceeding_types + their published+active rules + referenced trigger_events + DE/UPC holidays + UPC courts.
+3. Writes pretty-printed JSON to `<output>/{proceeding_types,rules,trigger_events,holidays,courts,meta}.json`.
+
+## Idempotence
+
+Running twice with the same DB state produces the same JSON (modulo `meta.generated_at`). Diff-friendly in git.
+
+## Versioning
+
+`meta.json.version` uses `YYYY-MM-DD-N` where N starts at 1 and increments on same-day regenerations. The generator reads the existing `meta.json` and bumps automatically.
+
+## After regeneration
+
+1. Review the diff: `git diff pkg/litigationplanner/embedded/upc/`.
+2. Run tests: `go test ./pkg/litigationplanner/embedded/upc/...`.
+3. Commit with a message like `chore(snapshot): regenerate UPC snapshot (<reason>)`.
+4. Notify any downstream consumer (youpc.org) that a new paliad release is available.

cmd/gen-upc-snapshot/main.go

@@ -0,0 +1,301 @@
+// Command gen-upc-snapshot reads paliad's live deadline corpus and
+// writes the UPC subset as JSON files under
+// pkg/litigationplanner/embedded/upc/. The package's embedded
+// catalog/holiday/court implementations then serve this data without
+// any DB roundtrip — letting youpc.org (or any future consumer) run
+// the litigationplanner engine against the canonical UPC rule set.
+//
+// Slice C (m/paliad#124 §19). See docs/design-litigation-planner-2026-05-26.md
+// §19 for the full design.
+//
+// Usage:
+//
+//	DATABASE_URL=postgres://... go run ./cmd/gen-upc-snapshot \
+//	    [-output ./pkg/litigationplanner/embedded/upc] \
+//	    [-version 2026-05-26-1] \
+//	    [-source-label paliad-dev-supabase]
+//
+// The generator applies migrations against DATABASE_URL before
+// SELECTing (so the snapshot always matches schema HEAD). Idempotent —
+// running twice with the same DB state produces the same JSON.
+package main
+
+import (
+	"context"
+	"encoding/json"
+	"flag"
+	"fmt"
+	"log"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"strings"
+	"time"
+
+	"github.com/jmoiron/sqlx"
+	_ "github.com/lib/pq"
+
+	"mgit.msbls.de/m/paliad/internal/db"
+	"mgit.msbls.de/m/paliad/pkg/litigationplanner"
+)
+
+const (
+	defaultOutput      = "./pkg/litigationplanner/embedded/upc"
+	defaultSourceLabel = ""
+)
+
+// Meta is the version block written to meta.json. The embedded sub-
+// package re-defines this type so consumers can decode it without
+// importing the cmd; the cmd holds the canonical write shape.
+type Meta struct {
+	Version           string    `json:"version"`
+	GeneratedAt       time.Time `json:"generated_at"`
+	PaliadCommit      string    `json:"paliad_commit,omitempty"`
+	SourceDBLabel     string    `json:"source_db_label,omitempty"`
+	RuleCount         int       `json:"rule_count"`
+	ProceedingCount   int       `json:"proceeding_count"`
+	TriggerEventCount int       `json:"trigger_event_count"`
+	HolidayCount      int       `json:"holiday_count"`
+	CourtCount        int       `json:"court_count"`
+}
+
+// EmbeddedHoliday is the holiday row shape the embedded snapshot
+// stores. JSON tags mirror paliad.holidays so the generator's SELECT
+// scans onto it directly + the embedded HolidayCalendar reads the
+// same tag.
+type EmbeddedHoliday struct {
+	Date        string  `db:"date_iso" json:"date"`
+	Name        string  `db:"name" json:"name"`
+	Country     *string `db:"country" json:"country,omitempty"`
+	Regime      *string `db:"regime" json:"regime,omitempty"`
+	State       *string `db:"state" json:"state,omitempty"`
+	HolidayType string  `db:"holiday_type" json:"holiday_type"`
+}
+
+// EmbeddedCourt is the court row shape the embedded snapshot stores.
+type EmbeddedCourt struct {
+	ID        string  `db:"id" json:"id"`
+	Code      string  `db:"code" json:"code"`
+	NameDE    string  `db:"name_de" json:"name_de"`
+	NameEN    string  `db:"name_en" json:"name_en"`
+	Country   string  `db:"country" json:"country"`
+	Regime    *string `db:"regime" json:"regime,omitempty"`
+	CourtType string  `db:"court_type" json:"court_type"`
+	ParentID  *string `db:"parent_id" json:"parent_id,omitempty"`
+	SortOrder int     `db:"sort_order" json:"sort_order"`
+}
+
+func main() {
+	output := flag.String("output", defaultOutput, "directory to write JSON files into")
+	version := flag.String("version", "", "explicit snapshot version (auto-derived if empty)")
+	sourceLabel := flag.String("source-label", defaultSourceLabel, "label for source_db in meta.json")
+	flag.Parse()
+
+	url := os.Getenv("DATABASE_URL")
+	if url == "" {
+		log.Fatal("DATABASE_URL must be set")
+	}
+
+	if err := db.ApplyMigrations(url); err != nil {
+		log.Fatalf("apply migrations: %v", err)
+	}
+
+	pool, err := sqlx.Connect("postgres", url)
+	if err != nil {
+		log.Fatalf("connect: %v", err)
+	}
+	defer pool.Close()
+
+	ctx := context.Background()
+	if err := run(ctx, pool, *output, *version, *sourceLabel); err != nil {
+		log.Fatalf("snapshot: %v", err)
+	}
+}
+
+func run(ctx context.Context, pool *sqlx.DB, output, version, sourceLabel string) error {
+	if err := os.MkdirAll(output, 0o755); err != nil {
+		return fmt.Errorf("mkdir output: %w", err)
+	}
+
+	// 1. Proceeding types — UPC + active only. The unified upc.apl row
+	// from B1 mig 134 is included; the 3 archived old appeal codes
+	// (is_active=false) are filtered out by the WHERE.
+	var procs []litigationplanner.ProceedingType
+	if err := pool.SelectContext(ctx, &procs, `
+		SELECT id, code, name, name_en, description, jurisdiction,
+		       category, default_color, sort_order, is_active,
+		       trigger_event_label_de, trigger_event_label_en,
+		       appeal_target
+		  FROM paliad.proceeding_types
+		 WHERE jurisdiction = 'UPC' AND is_active = true
+		 ORDER BY sort_order, id`); err != nil {
+		return fmt.Errorf("select proceeding_types: %w", err)
+	}
+
+	if len(procs) == 0 {
+		return fmt.Errorf("no active UPC proceeding_types — refusing to write empty snapshot")
+	}
+
+	procIDs := make([]int, 0, len(procs))
+	for _, p := range procs {
+		procIDs = append(procIDs, p.ID)
+	}
+
+	// 2. Deadline rules — published + active rules for those proceedings.
+	const ruleCols = `id, proceeding_type_id, parent_id, submission_code, name, name_en,
+		description, primary_party, event_type, duration_value,
+		duration_unit, timing, rule_code, deadline_notes, deadline_notes_en, sequence_order,
+		alt_duration_value, alt_duration_unit, alt_rule_code,
+		anchor_alt, concept_id, legal_source, is_spawn, spawn_label, is_active,
+		created_at, updated_at,
+		trigger_event_id, spawn_proceeding_type_id, combine_op, condition_expr,
+		priority, is_court_set, lifecycle_state, draft_of, published_at,
+		choices_offered, applies_to_target`
+
+	q, args, err := sqlx.In(`
+		SELECT `+ruleCols+`
+		  FROM paliad.deadline_rules
+		 WHERE proceeding_type_id IN (?)
+		   AND is_active = true
+		   AND lifecycle_state = 'published'
+		 ORDER BY proceeding_type_id, sequence_order`, procIDs)
+	if err != nil {
+		return fmt.Errorf("build rules IN: %w", err)
+	}
+	q = pool.Rebind(q)
+	var rules []litigationplanner.Rule
+	if err := pool.SelectContext(ctx, &rules, q, args...); err != nil {
+		return fmt.Errorf("select rules: %w", err)
+	}
+
+	// 3. Trigger events referenced by any UPC rule's trigger_event_id.
+	triggerIDSet := make(map[int64]struct{})
+	for _, r := range rules {
+		if r.TriggerEventID != nil {
+			triggerIDSet[*r.TriggerEventID] = struct{}{}
+		}
+	}
+	var triggers []litigationplanner.TriggerEvent
+	if len(triggerIDSet) > 0 {
+		triggerIDs := make([]int64, 0, len(triggerIDSet))
+		for id := range triggerIDSet {
+			triggerIDs = append(triggerIDs, id)
+		}
+		q, args, err := sqlx.In(`
+			SELECT id, code, name, name_de, description, is_active, created_at
+			  FROM paliad.trigger_events
+			 WHERE id IN (?)
+			 ORDER BY id`, triggerIDs)
+		if err != nil {
+			return fmt.Errorf("build triggers IN: %w", err)
+		}
+		q = pool.Rebind(q)
+		if err := pool.SelectContext(ctx, &triggers, q, args...); err != nil {
+			return fmt.Errorf("select trigger_events: %w", err)
+		}
+	}
+
+	// 4. Holidays — DE national + UPC regime entries. The embedded
+	// calendar serves UPC computations so both axes matter.
+	var holidays []EmbeddedHoliday
+	if err := pool.SelectContext(ctx, &holidays, `
+		SELECT to_char(date, 'YYYY-MM-DD') AS date_iso,
+		       name, country, regime, state, holiday_type
+		  FROM paliad.holidays
+		 WHERE country = 'DE' OR regime = 'UPC'
+		 ORDER BY date, name`); err != nil {
+		return fmt.Errorf("select holidays: %w", err)
+	}
+
+	// 5. Courts — UPC subset.
+	var courts []EmbeddedCourt
+	if err := pool.SelectContext(ctx, &courts, `
+		SELECT id, code, name_de, name_en, country, regime, court_type, parent_id, sort_order
+		  FROM paliad.courts
+		 WHERE is_active = true
+		   AND (regime = 'UPC' OR court_type LIKE 'upc%')
+		 ORDER BY sort_order, id`); err != nil {
+		return fmt.Errorf("select courts: %w", err)
+	}
+
+	// 6. Compose meta.
+	meta := Meta{
+		Version:           resolveVersion(version, output),
+		GeneratedAt:       time.Now().UTC().Truncate(time.Second),
+		PaliadCommit:      gitCommitShort(),
+		SourceDBLabel:     sourceLabel,
+		RuleCount:         len(rules),
+		ProceedingCount:   len(procs),
+		TriggerEventCount: len(triggers),
+		HolidayCount:      len(holidays),
+		CourtCount:        len(courts),
+	}
+
+	// 7. Write each file.
+	files := []struct {
+		name string
+		data any
+	}{
+		{"proceeding_types.json", procs},
+		{"rules.json", rules},
+		{"trigger_events.json", triggers},
+		{"holidays.json", holidays},
+		{"courts.json", courts},
+		{"meta.json", meta},
+	}
+	for _, f := range files {
+		path := filepath.Join(output, f.name)
+		buf, err := json.MarshalIndent(f.data, "", "  ")
+		if err != nil {
+			return fmt.Errorf("marshal %s: %w", f.name, err)
+		}
+		buf = append(buf, '\n')
+		if err := os.WriteFile(path, buf, 0o644); err != nil {
+			return fmt.Errorf("write %s: %w", path, err)
+		}
+	}
+
+	log.Printf("snapshot written: version=%s rules=%d proceedings=%d triggers=%d holidays=%d courts=%d → %s",
+		meta.Version, meta.RuleCount, meta.ProceedingCount,
+		meta.TriggerEventCount, meta.HolidayCount, meta.CourtCount, output)
+	return nil
+}
+
+// resolveVersion picks a date-stamped version slug, bumping the suffix
+// past any pre-existing same-day version found in the existing
+// meta.json. If the caller passed -version, that wins.
+func resolveVersion(explicit, output string) string {
+	if explicit != "" {
+		return explicit
+	}
+	today := time.Now().UTC().Format("2006-01-02")
+	// Read prior meta to detect same-day collisions.
+	prior, err := os.ReadFile(filepath.Join(output, "meta.json"))
+	if err != nil {
+		return today + "-1"
+	}
+	var pm Meta
+	if err := json.Unmarshal(prior, &pm); err != nil {
+		return today + "-1"
+	}
+	if !strings.HasPrefix(pm.Version, today+"-") {
+		return today + "-1"
+	}
+	// Same day: bump the suffix.
+	suffix := pm.Version[len(today)+1:]
+	var n int
+	if _, err := fmt.Sscanf(suffix, "%d", &n); err != nil {
+		return today + "-1"
+	}
+	return fmt.Sprintf("%s-%d", today, n+1)
+}
+
+// gitCommitShort returns the short SHA of the paliad checkout. Best-
+// effort — empty string when we're not in a git checkout.
+func gitCommitShort() string {
+	out, err := exec.Command("git", "rev-parse", "--short", "HEAD").Output()
+	if err != nil {
+		return ""
+	}
+	return strings.TrimSpace(string(out))
+}

cmd/server/main.go

@@ -12,6 +12,7 @@ import (
 	"strconv"
 	"strings"
 	"syscall"
+	"time"
 
 	// Embed Go's IANA tz database into the binary so time.LoadLocation works
 	// without OS tzdata. The runtime image (alpine) doesn't ship /usr/share/
@@ -221,6 +222,8 @@ func main() {
 			Export: services.NewExportService(pool, branding.Name),
 			// t-paliad-265 / m/paliad#96 — per-event-card optional choices.
 			EventChoice: services.NewEventChoiceService(pool, projectSvc, users),
+			// Slice D (m/paliad#124 §5, mig 145) — named scenario compositions.
+			Scenario: services.NewScenarioService(pool, projectSvc, rules),
 		}
 
 		// t-paliad-246 Slice A — Backup Mode runner. Wired only when
@@ -337,6 +340,13 @@ func main() {
 			log.Printf("CalDAV start: %v", err)
 		}
 		reminderSvc.Start(bgCtx)
+		// Slice B.2 dual-write drift check (t-paliad-305 / m/paliad#93).
+		// Runs every 6 h while the new procedural_events / sequencing_rules /
+		// legal_sources tables shadow the legacy paliad.deadline_rules
+		// table. A clean run logs at INFO; drift logs at WARN with the
+		// full report so a broken dual-write surfaces before the next
+		// deploy.
+		services.StartDualWriteDriftCheckLoop(bgCtx, pool, 6*time.Hour)
 		go func() {
 			<-bgCtx.Done()
 			log.Println("background services: shutdown signal received")

docs/design-litigation-planner-2026-05-26.md

@@ -1449,4 +1449,170 @@ No `AskUserQuestion` per inventor protocol; head escalates to m if material.
 
 ---
 
+## §19 Slice C — embedded UPC snapshot + generator (2026-05-26)
+
+Slice A landed the package, Slice B added the catalog API surface. Slice C lays the foundation for the youpc.org cross-repo integration: an in-package UPC subset of paliad's deadline corpus, embedded as JSON, that youpc.org can use to run the engine without any paliad DB access.
+
+### §19.1 Goals
+
+1. **Zero DB dependency for snapshot consumers.** youpc.org imports `pkg/litigationplanner/embedded/upc` and gets a working Catalog / HolidayCalendar / CourtRegistry without ever touching paliad's Postgres.
+2. **Reproducible regeneration.** A generator binary (`cmd/gen-upc-snapshot`) reads paliad's live DB and produces the JSON. Idempotent — same DB state in, same JSON out.
+3. **Versioned snapshots.** Each snapshot carries a `version` + `generated_at` so consumers can detect regeneration and decide whether to bump their go.mod.
+4. **Stays in lockstep with paliad's engine.** The embedded data conforms to the same `Rule` / `ProceedingType` Go types the engine consumes — no schema drift, no parallel-vocab risk.
+
+### §19.2 Embedding format
+
+**Pick: `//go:embed` of JSON.**
+
+Three candidates considered:
+- A. **`//go:embed` of JSON files** — generator emits human-readable JSON; package reads at boot via `embed.FS`. Diff-friendly in git; youpc.org sees the bytes change in code review.
+- B. **Generated Go const literals** — generator emits a `.go` file with the rule slice inlined. Type-safe at compile; harder to diff (big generated files); pollutes `git log -p` with mechanical changes.
+- C. **External resource fetched at runtime** — youpc.org would HTTP-GET the snapshot from a paliad endpoint. Adds runtime coupling between the two services; defeats the "zero DB dependency" goal.
+
+**(R) = A**. JSON is the wire shape paliad's API already serves; the package's `Rule` struct already has compatible `json:` tags from Slice A. The generated bytes survive `git diff` cleanly. youpc.org can also vendor the JSON via go-module if they want fully reproducible builds.
+
+### §19.3 File layout
+
+```
+pkg/litigationplanner/embedded/upc/
+    embed.go                   ←  //go:embed *.json + package metadata
+    snapshot.go                ←  SnapshotCatalog struct + Load() helper
+    snapshot_test.go           ←  unit tests against the embedded data
+    rules.json                 ←  generator output: all UPC rules
+    proceeding_types.json      ←  generator output: all UPC proceeding types
+    trigger_events.json        ←  generator output: UPC-referenced trigger events
+    holidays.json              ←  generator output: DE + UPC regime holidays
+    courts.json                ←  generator output: UPC courts
+    meta.json                  ←  generator output: {version, generated_at, paliad_commit, source_db_label}
+
+cmd/gen-upc-snapshot/
+    main.go                    ←  generator entry point
+    README.md                  ←  operator runbook
+```
+
+`pkg/litigationplanner/embedded/upc` is the public consumer surface. youpc.org imports it as:
+
+```go
+import upc "mgit.msbls.de/m/paliad/pkg/litigationplanner/embedded/upc"
+
+cat, _ := upc.NewCatalog()
+hc, _  := upc.NewHolidayCalendar()
+cr, _  := upc.NewCourtRegistry()
+
+timeline, err := lp.Calculate(ctx, "upc.inf.cfi", "2026-05-26", lp.CalcOptions{...}, cat, hc, cr)
+```
+
+### §19.4 Snapshot data shape
+
+The five data files (`rules.json`, `proceeding_types.json`, `trigger_events.json`, `holidays.json`, `courts.json`) are each a top-level JSON array of the corresponding type. The package's `Rule` / `ProceedingType` / `TriggerEvent` structs deserialise directly (their `json:` tags align with paliad's wire shape).
+
+`holidays.json` and `courts.json` use minimal structures defined in the embedded sub-package (the package's core API only requires `HolidayCalendar` / `CourtRegistry` interfaces — no struct contract).
+
+`meta.json` carries the versioning block:
+
+```json
+{
+  "version": "2026-05-26-1",
+  "generated_at": "2026-05-26T15:01:00Z",
+  "paliad_commit": "932b177",
+  "source_db_label": "paliad-dev-supabase",
+  "rule_count": 81,
+  "proceeding_count": 9,
+  "trigger_event_count": 2,
+  "holiday_count": 142,
+  "court_count": 18
+}
+```
+
+`version` uses a date-stamped scheme (`YYYY-MM-DD-N` where N starts at 1 and increments for same-day regenerations) — simple, sortable, no merge conflicts on regen.
+
+### §19.5 Generator
+
+`cmd/gen-upc-snapshot/main.go` runs as:
+
+```sh
+DATABASE_URL=postgres://... \
+  go run ./cmd/gen-upc-snapshot \
+    -output ./pkg/litigationplanner/embedded/upc
+```
+
+Flow:
+1. Connect to `DATABASE_URL` (paliad's live DB).
+2. Apply migrations first (`db.ApplyMigrations(url)`) — ensures the snapshot matches schema HEAD.
+3. SELECT all `paliad.proceeding_types` WHERE `jurisdiction = 'UPC'` AND `is_active = true`. (After B1 the unified `upc.apl` is the only appeal proceeding — the 3 archived old codes are filtered out.)
+4. SELECT all `paliad.deadline_rules` for those proceeding ids WHERE `lifecycle_state = 'published'` AND `is_active = true`.
+5. SELECT `paliad.trigger_events` referenced by any rule's `trigger_event_id`.
+6. SELECT `paliad.holidays` filtered to `country = 'DE' OR regime = 'UPC'` (the union UPC procedures need).
+7. SELECT `paliad.courts` filtered to `regime = 'UPC' OR court_type LIKE 'upc%'` (UPC court hierarchy).
+8. Write each result set to `<output>/<name>.json` (pretty-printed for diff-friendliness).
+9. Compute meta — current paliad commit (via `git rev-parse --short HEAD`), timestamp, row counts.
+10. Write `meta.json`.
+
+**Versioning rule**: the generator never overwrites a meta.json with `version` equal to an existing one. If today's date is already used (suffix `-1`), the generator bumps to `-2`. This keeps regenerations within a day distinguishable. Operator can pass `-version <string>` to override.
+
+### §19.6 Regeneration trigger
+
+Manual. Three entry points:
+
+- **`make snapshot-upc`** — Make target invokes the generator with `DATABASE_URL` from env. Documented in `cmd/gen-upc-snapshot/README.md`.
+- **`go generate ./pkg/litigationplanner/embedded/upc`** — `//go:generate` directive on a stub in the package. Same effect; lets contributors discover the regen path from the package they're modifying.
+- **Operator runs the command directly** — power-user path.
+
+**No CI regeneration in v1.** The snapshot is operator-controlled. Future slice can add a nightly CI job that opens a PR with the regenerated snapshot if drift is detected (out of scope here).
+
+### §19.7 SnapshotCatalog implementation
+
+In `pkg/litigationplanner/embedded/upc/snapshot.go`:
+
+```go
+type SnapshotCatalog struct {
+    proceedings    []litigationplanner.ProceedingType
+    rules          []litigationplanner.Rule
+    triggerEvents  map[int64]litigationplanner.TriggerEvent
+    rulesByProc    map[int][]litigationplanner.Rule  // for LoadProceeding
+    rulesByID      map[uuid.UUID]litigationplanner.Rule
+    procByID       map[int]litigationplanner.ProceedingType
+    procByCode     map[string]litigationplanner.ProceedingType
+}
+
+func NewCatalog() (*SnapshotCatalog, error)  // parses embedded JSON
+```
+
+All 7 Catalog interface methods (`LoadProceeding`, `LoadProceedingByID`, `LoadRuleByID`, `LoadRuleByCode`, `LoadRulesByTriggerEvent`, `LoadTriggerEventsByIDs`, `LookupEvents`) implemented against the in-memory maps. Lookup methods are O(1) on the indexed maps; `LookupEvents` does a linear scan of `rules` (the UPC subset is < 100 rows; no index needed).
+
+`ProjectHint` is ignored on the snapshot side (youpc.org has no projects). `applies_to_target` filter for B1 works identically — the rules carry the same array.
+
+`HolidayCalendar` impl mirrors paliad's `HolidayService` but reads from the embedded holiday slice instead of paliad.holidays. Same `AdjustForNonWorkingDaysWithReason` semantics.
+
+`CourtRegistry` impl mirrors `CourtService.CountryRegime`. UPC courts only.
+
+### §19.8 Tests
+
+`snapshot_test.go` exercises:
+- Snapshot loads without error
+- `meta.json` parses + has non-zero counts
+- `LoadProceeding(ctx, "upc.inf.cfi", ProjectHint{})` returns the expected proceeding + > 0 rules
+- `LookupEvents(ctx, EventLookupAxes{Jurisdiction:"UPC"}, EventLookupDepthAllFollowing)` returns all rules
+- A golden compute: `Calculate(ctx, "upc.inf.cfi", "2026-01-15", CalcOptions{}, cat, hc, cr)` produces a non-empty timeline with a known root rule (Klageerhebung)
+
+All tests run without a DB (zero `os.Getenv("TEST_DATABASE_URL")` checks).
+
+### §19.9 Acceptance criteria
+
+1. `cmd/gen-upc-snapshot` exists + builds + runs against the live paliad DB.
+2. `pkg/litigationplanner/embedded/upc/*.json` checked in with the first generated snapshot.
+3. `embedded/upc.NewCatalog()` (+ `NewHolidayCalendar` + `NewCourtRegistry`) return ready-to-use implementations of the package interfaces.
+4. Unit tests in `embedded/upc` pass without `TEST_DATABASE_URL` (no DB roundtrip).
+5. `make snapshot-upc` regenerates the snapshot.
+6. `go build ./...` + `go test ./...` all green.
+
+### §19.10 Out of scope (deferred to follow-up)
+
+- Snapshot signing / integrity attestation. v1 is plain JSON; future slice can ship a `meta.sig` next to `meta.json` for tamper detection.
+- DE/EPA/DPMA snapshots. v1 only ships the UPC subset (matches youpc.org's scope). Future jurisdictions add as sibling packages: `embedded/de`, `embedded/epa`, etc.
+- CI regeneration cron. Operator-driven only in v1.
+- Snapshot diff tooling. v1 relies on `git diff` of the JSON files.
+
+---
+
 *End of design doc.*

frontend/src/client/i18n.ts

@@ -237,7 +237,7 @@ const translations: Record<Lang, Record<string, string>> = {
     "deadlines.upc.disc.cfi": "Bucheinsicht",
     "deadlines.upc.apl.cost": "Berufung Kosten",
     "deadlines.upc.apl.order": "Berufung Anordnungen",
-    "deadlines.upc.apl": "Berufung",
+    "deadlines.upc.apl.unified": "Berufung",
     "deadlines.appeal_target.label": "Worauf richtet sich die Berufung?",
     "deadlines.appeal_target.endentscheidung": "Endentscheidung",
     "deadlines.appeal_target.kostenentscheidung": "Kostenentscheidung",
@@ -312,6 +312,7 @@ const translations: Record<Lang, Record<string, string>> = {
     "deadlines.view.timeline": "Zeitstrahl",
     "deadlines.view.columns": "Spalten",
     "deadlines.notes.show": "Hinweise anzeigen",
+    "deadlines.durations.show": "Dauern anzeigen",
     "deadlines.col.ours": "Unsere Seite",
     "deadlines.col.court": "Gericht",
     "deadlines.col.opponent": "Gegnerseite",
@@ -462,10 +463,6 @@ const translations: Record<Lang, Record<string, string>> = {
     "deadlines.side.from_project": "Aus Akte:",
     "deadlines.side.override": "Andere Seite wählen",
     "deadlines.side.hint": "Wählen Sie eine Seite, um die Spalten zu fokussieren.",
-    "deadlines.appellant.label": "Berufung durch:",
-    "deadlines.appellant.claimant": "Klägerseite",
-    "deadlines.appellant.defendant": "Beklagtenseite",
-    "deadlines.appellant.none": "—",
     "deadlines.event.composite.label": "Zusammengesetzt:",
     "deadlines.event.unit.days.one": "Tag",
     "deadlines.event.unit.days.many": "Tage",
@@ -3334,7 +3331,7 @@ const translations: Record<Lang, Record<string, string>> = {
     "deadlines.upc.dmgs.cfi": "Damages Determination",
     "deadlines.upc.disc.cfi": "Lay-open Books",
     "deadlines.upc.apl.cost": "Cost-Decision Appeal",
-    "deadlines.upc.apl": "Appeal",
+    "deadlines.upc.apl.unified": "Appeal",
     "deadlines.appeal_target.label": "Appeal against:",
     "deadlines.appeal_target.endentscheidung": "Final Decision",
     "deadlines.appeal_target.kostenentscheidung": "Cost Decision",
@@ -3410,6 +3407,7 @@ const translations: Record<Lang, Record<string, string>> = {
     "deadlines.view.timeline": "Timeline",
     "deadlines.view.columns": "Columns",
     "deadlines.notes.show": "Show details",
+    "deadlines.durations.show": "Show durations",
     "deadlines.col.ours": "Client Side",
     "deadlines.col.court": "Court",
     "deadlines.col.opponent": "Opponent Side",
@@ -3567,10 +3565,6 @@ const translations: Record<Lang, Record<string, string>> = {
     "deadlines.side.from_project": "From case:",
     "deadlines.side.override": "Choose other side",
     "deadlines.side.hint": "Pick a side to focus the columns.",
-    "deadlines.appellant.label": "Appeal filed by:",
-    "deadlines.appellant.claimant": "Claimant",
-    "deadlines.appellant.defendant": "Defendant",
-    "deadlines.appellant.none": "—",
     "deadlines.event.composite.label": "Composite:",
     "deadlines.event.unit.days.one": "day",
     "deadlines.event.unit.days.many": "days",

frontend/src/client/verfahrensablauf.ts

@@ -32,18 +32,20 @@ import {
 let selectedType = "";
 let lastResponse: DeadlineResponse | null = null;
 
-// Perspective state (t-paliad-250 / m/paliad#81). URL-driven so the
-// view is shareable and survives reload:
-//   ?side=claimant|defendant      → swaps which column owns the user's
-//                                    side (proactive vs reactive label).
-//                                    Default null = claimant-on-the-left.
-//   ?appellant=claimant|defendant → collapses party=both rows into the
-//                                    appellant's column (no mirror).
-//                                    Only meaningful for role-swap
-//                                    proceedings (Appeal etc.). Default
-//                                    null = legacy mirror behaviour.
+// Perspective state. URL-driven so the view is shareable + survives
+// reload:
+//   ?side=claimant|defendant — swaps which column owns the user's
+//                              side (proactive vs reactive label).
+//                              Default null = claimant-on-the-left.
+//
+// t-paliad-301 / m/paliad#132 collapsed the duplicate ?side= +
+// ?appellant= selectors into the single proactive-side picker above.
+// For role-swap proceedings (Appeal / EPA Opposition / DE Revision /
+// DPMA Appeal) the picker's labels swap to per-proceeding role
+// strings (Berufungskläger / Berufungsbeklagter, …) via ROLE_LABELS
+// below — but the underlying claimant/defendant value the engine
+// consumes is unchanged.
 let currentSide: Side = null;
-let currentAppellant: Side = null;
 
 // Project-driven auto-fill state (t-paliad-279 / m/paliad#111). When the
 // page is opened with ?project=<id> and that project has our_side set,
@@ -52,19 +54,15 @@ let currentAppellant: Side = null;
 // link, which clears this flag (radio cluster takes over again).
 let sidePrefilledFromProject = false;
 
-// Proceedings where one party initiates and "both" rows are role-swap
-// (i.e. either party files depending on who acted at the lower
-// instance). For these proceedings the appellant selector is meaningful
-// — when set, "both" rows collapse to a single row in the appellant's
-// column. For first-instance proceedings (Inf, Rev, …) the selector is
-// hidden because there's no appellant axis.
-//
-// Today: every upc.apl.* family member plus dpma.appeal.* and
-// de.inf.olg / de.inf.bgh / de.null.bgh (DE Berufung / Revision).
-// Conservative — false negatives just hide a control; false positives
-// would show an irrelevant control.
+// Role-swap proceedings — the side picker doubles as the appellant
+// axis. After t-paliad-301 collapsed the duplicate selectors, the
+// engine reads "appellant" from the single side value for these
+// proceedings (so a row with primary_party=both renders only in the
+// chosen side's column). For first-instance proceedings (Inf, Rev,
+// …) the side picker still narrows columns but doesn't collapse
+// the "both" rows.
 const APPELLANT_AXIS_PROCEEDINGS = new Set([
-  "upc.apl",
+  "upc.apl.unified",
   "de.inf.olg",
   "de.inf.bgh",
   "de.null.bgh",
@@ -73,12 +71,50 @@ const APPELLANT_AXIS_PROCEEDINGS = new Set([
   "epa.opp.boa",
 ]);
 
+// Per-proceeding role labels (t-paliad-301 / m/paliad#132 Bug A).
+// Mirrors paliad.proceeding_types.role_*_label_* — the canonical
+// definition lives in the DB; this map is the frontend's view of
+// it. Proceedings absent from the map fall back to the generic
+// "deadlines.side.claimant" / "deadlines.side.defendant" i18n keys.
+//
+// Keep in sync with mig 137's backfill. Adding a row here without a
+// matching DB row is fine (the DB col is NULL → still falls back to
+// default; UI shows the override). Adding to the DB without here
+// means the UI uses defaults — harmless but inconsistent.
+type RoleLabels = { proDE: string; reDE: string; proEN: string; reEN: string };
+const ROLE_LABELS: Record<string, RoleLabels> = {
+  "upc.apl.unified": {
+    proDE: "Berufungskläger",
+    reDE:  "Berufungsbeklagter",
+    proEN: "Appellant",
+    reEN:  "Appellee",
+  },
+  "upc.rev.cfi": {
+    proDE: "Antragsteller (Nichtigkeit)",
+    reDE:  "Antragsgegner (Nichtigkeit)",
+    proEN: "Revocation claimant",
+    reEN:  "Revocation defendant",
+  },
+  "epa.opp.opd": {
+    proDE: "Einsprechende(r)",
+    reDE:  "Patentinhaber(in)",
+    proEN: "Opponent",
+    reEN:  "Patentee",
+  },
+  "epa.opp.boa": {
+    proDE: "Einsprechende(r)",
+    reDE:  "Patentinhaber(in)",
+    proEN: "Opponent",
+    reEN:  "Patentee",
+  },
+};
+
 // Slice B1 (m/paliad#124 §18.1) — Berufung unification.
 // Proceedings that surface the appeal-target chip group. Currently
 // only the unified upc.apl proceeding; future variants (e.g. de.apl)
 // can opt in by adding the code here.
 const APPEAL_TARGET_PROCEEDINGS = new Set([
-  "upc.apl",
+  "upc.apl.unified",
 ]);
 
 // Five canonical appeal-target slugs (lp.AppealTargets — keep ordered
@@ -105,11 +141,6 @@ function readSideFromURL(): Side {
   return raw === "claimant" || raw === "defendant" ? raw : null;
 }
 
-function readAppellantFromURL(): Side {
-  const raw = new URLSearchParams(window.location.search).get("appellant");
-  return raw === "claimant" || raw === "defendant" ? raw : null;
-}
-
 function writeSideToURL(s: Side) {
   const url = new URL(window.location.href);
   if (s === null) url.searchParams.delete("side");
@@ -117,11 +148,31 @@ function writeSideToURL(s: Side) {
   window.history.replaceState(null, "", url.pathname + (url.search ? url.search : "") + url.hash);
 }
 
-function writeAppellantToURL(a: Side) {
-  const url = new URL(window.location.href);
-  if (a === null) url.searchParams.delete("appellant");
-  else url.searchParams.set("appellant", a);
-  window.history.replaceState(null, "", url.pathname + (url.search ? url.search : "") + url.hash);
+// t-paliad-301 / m/paliad#132: applies ROLE_LABELS to the side-row
+// radio labels for the currently selected proceeding. Proceedings
+// without an entry fall back to the existing
+// "deadlines.side.claimant" / "deadlines.side.defendant" i18n keys.
+function applyRoleLabels(proceedingType: string) {
+  const lang = getLang() === "en" ? "en" : "de";
+  const claimantSpan = document.querySelector<HTMLElement>(
+    "input[type=radio][name=side][value=claimant] + span"
+  );
+  const defendantSpan = document.querySelector<HTMLElement>(
+    "input[type=radio][name=side][value=defendant] + span"
+  );
+  if (!claimantSpan || !defendantSpan) return;
+
+  const labels = ROLE_LABELS[proceedingType];
+  if (labels) {
+    claimantSpan.textContent = lang === "en" ? labels.proEN : labels.proDE;
+    defendantSpan.textContent = lang === "en" ? labels.reEN : labels.reDE;
+  } else {
+    // Default — let i18n drive via data-i18n attribute. Reset to the
+    // canonical i18n value so a previous override doesn't stick when
+    // switching from upc.apl.unified back to upc.inf.cfi.
+    claimantSpan.textContent = t("deadlines.side.claimant");
+    defendantSpan.textContent = t("deadlines.side.defendant");
+  }
 }
 
 // Slice B1 — appeal-target URL state. Empty string = no target picked
@@ -225,6 +276,21 @@ function writeNotesPref(on: boolean): void {
 }
 let showNotes = readNotesPref();
 
+// Durations toggle (m/paliad#133, t-paliad-302) — when off (default),
+// the per-rule duration label ("2 Mo. nach") only shows on hover via
+// the date span's `title` attribute. When on, the label renders inline
+// in the timeline meta row of every event card. Persisted in
+// localStorage under its own key so the preference is independent of
+// "Hinweise anzeigen".
+const DURATIONS_PREF_KEY = "paliad.verfahrensablauf.durations-show";
+function readDurationsPref(): boolean {
+  try { return localStorage.getItem(DURATIONS_PREF_KEY) === "1"; } catch { return false; }
+}
+function writeDurationsPref(on: boolean): void {
+  try { localStorage.setItem(DURATIONS_PREF_KEY, on ? "1" : "0"); } catch { /* no-op */ }
+}
+let showDurations = readDurationsPref();
+
 // Jurisdiction display prefix for the proceeding-summary chip + the
 // trigger-event placeholder. Same forum slugs the .proceeding-group
 // `data-forum` attribute carries in verfahrensablauf.tsx /
@@ -431,10 +497,16 @@ function renderResults(data: DeadlineResponse) {
     ? renderColumnsBody(data, {
         editable: true,
         showNotes,
+        showDurations,
         side: currentSide,
-        appellant: hasAppellantAxis(selectedType) ? currentAppellant : null,
+        // t-paliad-301: the appellant axis collapses into the single
+        // side picker. For role-swap proceedings, currentSide IS the
+        // appellant pick (so a row with primary_party=both renders only
+        // in the picked side's column). For non-role-swap proceedings,
+        // the appellant axis is irrelevant — pass null.
+        appellant: hasAppellantAxis(selectedType) ? currentSide : null,
       })
-    : renderTimelineBody(data, { showParty: true, editable: true, showNotes });
+    : renderTimelineBody(data, { showParty: true, editable: true, showNotes, showDurations });
 
   container.innerHTML = headerHtml + noteHtml + bodyHtml;
   if (printBtn) printBtn.style.display = "block";
@@ -501,8 +573,8 @@ function selectProceeding(btn: HTMLButtonElement) {
 
   void populateCourtPicker("court-picker-row", "court-picker", selectedType);
   syncFlagRows();
-  syncAppellantRowVisibility();
   syncAppealTargetRowVisibility();
+  applyRoleLabels(selectedType);
 
   setProceedingPickerCollapsed(true, proceedingDisplayName(btn));
 
@@ -510,23 +582,6 @@ function selectProceeding(btn: HTMLButtonElement) {
   scheduleCalc(0);
 }
 
-// syncAppellantRowVisibility hides the appellant selector for
-// proceedings that have no appellant axis (first-instance Inf, Rev,
-// …). Clears the in-memory state and the URL param when hidden so a
-// shared link with ?appellant= doesn't leak into an unrelated
-// proceeding's render.
-function syncAppellantRowVisibility() {
-  const row = document.getElementById("appellant-row");
-  if (!row) return;
-  const visible = hasAppellantAxis(selectedType);
-  row.style.display = visible ? "" : "none";
-  if (!visible && currentAppellant !== null) {
-    currentAppellant = null;
-    writeAppellantToURL(null);
-    syncRadioGroup("appellant", "");
-  }
-}
-
 // Slice B1 (m/paliad#124 §18.1) — Berufung unification.
 // syncAppealTargetRowVisibility shows the appeal-target chip group
 // when the unified upc.apl Berufung tile is selected, hides it
@@ -727,10 +782,8 @@ function initViewToggle() {
 // projection of the last response, no backend involved.
 function initPerspectiveControls() {
   currentSide = readSideFromURL();
-  currentAppellant = readAppellantFromURL();
   currentAppealTarget = readAppealTargetFromURL();
   syncRadioGroup("side", currentSide ?? "");
-  syncRadioGroup("appellant", currentAppellant ?? "");
   syncRadioGroup("appeal-target", currentAppealTarget || "endentscheidung");
   syncSideHintVisibility();
 
@@ -745,16 +798,6 @@ function initPerspectiveControls() {
     });
   });
 
-  document.querySelectorAll<HTMLInputElement>("input[type=radio][name=appellant]").forEach((input) => {
-    input.addEventListener("change", () => {
-      if (!input.checked) return;
-      const v = input.value;
-      currentAppellant = (v === "claimant" || v === "defendant") ? v : null;
-      writeAppellantToURL(currentAppellant);
-      if (lastResponse) renderResults(lastResponse);
-    });
-  });
-
   // Slice B1 (m/paliad#124 §18.1) — appeal-target chip handler.
   // Each chip change re-fetches with the new target slug so the
   // timeline re-renders against the matching rule subset.
@@ -841,6 +884,19 @@ document.addEventListener("DOMContentLoaded", () => {
     });
   }
 
+  // Durations toggle (m/paliad#133, t-paliad-302) — sibling of the
+  // notes toggle. Hover-only labels (default) become inline labels when
+  // the user opts in.
+  const durationsShowCb = document.getElementById("verfahrensablauf-durations-show") as HTMLInputElement | null;
+  if (durationsShowCb) {
+    durationsShowCb.checked = showDurations;
+    durationsShowCb.addEventListener("change", () => {
+      showDurations = durationsShowCb.checked;
+      writeDurationsPref(showDurations);
+      if (lastResponse) renderResults(lastResponse);
+    });
+  }
+
   // t-paliad-290 — show-hidden toggle. Hydrate from URL, wire change
   // to URL + recalc (the backend reshapes the response — we can't just
   // re-render lastResponse since the hidden rows aren't in it when the

frontend/src/client/views/verfahrensablauf-core.test.ts

@@ -327,6 +327,29 @@ describe("bucketDeadlinesIntoColumns — side+appellant column routing (m/paliad
     expect(rows[0].ours).toHaveLength(0);
   });
 
+  test("side=defendant collapses 'both' rules into ours (no mirror) — m/paliad#135", () => {
+    // When the user has committed to a perspective via `?side=`, the
+    // mirror is visual noise: the same card renders twice on one row,
+    // once in 'Unsere Seite' and once in 'Gegnerseite'. The card's
+    // '↔ beide Seiten' indicator already conveys the both-parties
+    // semantic, so collapsing into ours is sufficient.
+    const rows = bucketDeadlinesIntoColumns(
+      [both("Antrag auf Simultanübersetzung", "2026-04-27")],
+      { side: "defendant" },
+    );
+    expect(rows[0].ours.map((d) => d.name)).toEqual(["Antrag auf Simultanübersetzung"]);
+    expect(rows[0].opponent).toHaveLength(0);
+  });
+
+  test("side=claimant collapses 'both' rules into ours (no mirror) — m/paliad#135", () => {
+    const rows = bucketDeadlinesIntoColumns(
+      [both("Antrag auf Simultanübersetzung", "2026-04-27")],
+      { side: "claimant" },
+    );
+    expect(rows[0].ours.map((d) => d.name)).toEqual(["Antrag auf Simultanübersetzung"]);
+    expect(rows[0].opponent).toHaveLength(0);
+  });
+
   test("rows align across columns by dueDate so same-day events stay on one grid row", () => {
     const sameDate = "2026-07-23";
     const rows = bucketDeadlinesIntoColumns([

frontend/src/client/views/verfahrensablauf-core.ts

@@ -95,6 +95,36 @@ export interface CalculatedDeadline {
   parentRuleCode?: string;
   parentRuleName?: string;
   parentRuleNameEN?: string;
+  // durationValue / durationUnit / timing surface the rule's arithmetic
+  // so the timeline card can show "2 Mo. nach" on hover (and inline when
+  // the "Dauern anzeigen" toggle is on). Zero-duration rules (root
+  // event, court-set) carry durationValue=0 and the renderer suppresses
+  // the affordance — those don't have an explainable interval.
+  // (m/paliad#133, t-paliad-302)
+  durationValue?: number;
+  durationUnit?: string;
+  timing?: string;
+}
+
+// formatDurationLabel renders the per-rule duration ("2 Mo. nach") for
+// the Verfahrensablauf card affordance (m/paliad#133, t-paliad-302).
+// Returns empty string for rules without a usable duration so the
+// caller can skip the tooltip / inline span entirely.
+//
+// Pluralisation key naming mirrors the Fristenrechner event-mode
+// renderer (deadlines.event.unit.<unit>.{one,many}) — the unit and
+// timing translations already exist for /tools/fristenrechner's
+// "Was kommt nach…" mode and are reused here as the single
+// source of truth.
+export function formatDurationLabel(dl: CalculatedDeadline): string {
+  const value = dl.durationValue ?? 0;
+  const unit = dl.durationUnit || "";
+  if (value <= 0 || !unit) return "";
+  const unitKey = `deadlines.event.unit.${unit}` + (value === 1 ? ".one" : ".many");
+  const unitStr = tDyn(unitKey);
+  const timing = dl.timing || "";
+  const timingStr = timing ? tDyn(`deadlines.event.timing.${timing}`) : "";
+  return timingStr ? `${value} ${unitStr} ${timingStr}` : `${value} ${unitStr}`;
 }
 
 // priorityRendering returns the per-priority UX hints the save-modal
@@ -321,15 +351,38 @@ export interface CardOpts {
   // Page shells expose a toggle ("Hinweise anzeigen") that flips this and
   // re-renders. Default false — notes are noisy on long timelines.
   showNotes?: boolean;
+  // showDurations controls per-rule duration rendering on event cards
+  // (m/paliad#133, t-paliad-302):
+  //   true  → inline `<span class="timeline-duration">2 Mo. nach</span>`
+  //           next to the date.
+  //   false → hover-only tooltip on the date span (browser-native
+  //           `title` attribute). Cards without a usable
+  //           `durationValue > 0` get neither — court-set and trigger-
+  //           event cards have no explainable interval.
+  // /tools/verfahrensablauf exposes a toggle ("Dauern anzeigen") that
+  // flips this and re-renders; persisted via the localStorage key
+  // `paliad.verfahrensablauf.durations-show`. Default false.
+  showDurations?: boolean;
 }
 
 export function deadlineCardHtml(dl: CalculatedDeadline, opts: CardOpts): string {
   const wantsEditable = !!opts.editable;
   const editable = wantsEditable && !dl.isRootEvent && dl.code !== "";
   const overriddenClass = dl.isOverridden ? " timeline-date--overridden" : "";
+  // Duration affordance (m/paliad#133, t-paliad-302). Computed once so
+  // both the date-span tooltip and the inline meta-row span pull from
+  // the same string. Empty for rules without a usable duration.
+  const durationLabel = formatDurationLabel(dl);
+  // Hover affordance on the date span: prefer the duration tooltip when
+  // we have one, else fall back to the edit-hint when the cell is
+  // click-to-edit. The edit affordance still works either way — the
+  // title is purely advisory.
+  const dateTitle = durationLabel
+    ? durationLabel
+    : (editable ? t("deadlines.date.edit.hint") : "");
   const editAttrs = editable
-    ? ` data-rule-code="${escAttr(dl.code)}" data-current-date="${escAttr(dl.dueDate)}" role="button" tabindex="0" title="${escAttr(t("deadlines.date.edit.hint"))}"`
-    : "";
+    ? ` data-rule-code="${escAttr(dl.code)}" data-current-date="${escAttr(dl.dueDate)}" role="button" tabindex="0"${dateTitle ? ` title="${escAttr(dateTitle)}"` : ""}`
+    : (dateTitle ? ` title="${escAttr(dateTitle)}"` : "");
   // Conditional rows (t-paliad-289) replace the date column with an
   // "abhängig von <parent>" chip. The chip remains click-to-edit so
   // the user can pin a real date once known (e.g. once the oral
@@ -434,9 +487,19 @@ export function deadlineCardHtml(dl: CalculatedDeadline, opts: CardOpts): string
     ? `<span class="timeline-note-hint" tabindex="0" role="note" aria-label="${escAttr(noteText)}" title="${escAttr(noteText)}">ⓘ</span>`
     : "";
 
-  const meta = (opts.showParty || ruleRef || noteHint)
+  // Inline duration affordance (m/paliad#133, t-paliad-302). Only
+  // emitted when the "Dauern anzeigen" toggle is on AND the rule has a
+  // usable duration; the default-off hover-tooltip path is wired
+  // separately on the date span itself.
+  const showDurations = opts.showDurations === true;
+  const durationInline = showDurations && durationLabel
+    ? `<span class="timeline-duration">${escHtml(durationLabel)}</span>`
+    : "";
+
+  const meta = (opts.showParty || ruleRef || noteHint || durationInline)
     ? `<div class="timeline-meta">
         ${opts.showParty ? partyBadge(dl.party) : ""}
+        ${durationInline}
         ${ruleRef}
         ${noteHint}
       </div>`
@@ -614,6 +677,9 @@ type ColumnPosition = "ours" | "opponent";
 export interface ColumnsBodyOpts {
   editable?: boolean;
   showNotes?: boolean;
+  // Forwarded to deadlineCardHtml — see CardOpts.showDurations.
+  // (m/paliad#133, t-paliad-302)
+  showDurations?: boolean;
   // side: which side the user is on. Drives column placement;
   // does NOT filter rows. Default null = claimant-on-the-left
   // (i.e. "ours = claimant", legacy default).
@@ -698,7 +764,18 @@ export function bucketDeadlinesIntoColumns(
           // Role-swap collapse: appellant initiated → both → one row
           // in appellant's column. Mirror suppressed.
           row[appellantColumn].push(dl);
+        } else if (userSide !== null) {
+          // Side picked but no appellant axis (first-instance Inf, Rev,
+          // …): the user has committed to a perspective, so the mirror
+          // is visual noise — the same card appears twice on the same
+          // row, once in "Unsere Seite" and once in "Gegnerseite".
+          // Collapse into ours; the "↔ beide Seiten" indicator on the
+          // card already conveys that the rule applies to both parties.
+          // (m/paliad#135 / t-paliad-304)
+          row.ours.push(dl);
         } else {
+          // No perspective picked → keep the legacy mirror so neither
+          // axis is privileged. Pinned by the "default (no opts)" test.
           row.ours.push(dl);
           row.opponent.push(dl);
         }
@@ -724,12 +801,23 @@ export function renderColumnsBody(data: DeadlineResponse, opts: ColumnsBodyOpts
   const rows = bucketDeadlinesIntoColumns(data.deadlines, { side: userSide, appellant: opts.appellant });
   const appellantPinned = opts.appellant === "claimant" || opts.appellant === "defendant";
 
-  const cardOpts: CardOpts = { showParty: false, editable: opts.editable, showNotes: opts.showNotes };
+  const cardOpts: CardOpts = {
+    showParty: false,
+    editable: opts.editable,
+    showNotes: opts.showNotes,
+    showDurations: opts.showDurations,
+  };
 
   // Collapsed "both" rows lose their mirror tag — there's no longer
   // a sibling row to mirror to, so the "↔ beide Seiten" hint would
-  // be misleading. Keep it for the legacy mirror path.
-  const showMirrorTag = !appellantPinned;
+  // be misleading. Both collapse paths suppress it:
+  //   - appellantPinned: role-swap collapse into appellant's column
+  //   - userSide !== null without appellantPinned: perspective-locked
+  //     collapse into ours (m/paliad#135 / t-paliad-304).
+  // Legacy mirror path (no side, no appellant) keeps the tag — both
+  // sibling rows still render so the tag has a visual referent.
+  const sideCollapse = userSide !== null;
+  const showMirrorTag = !appellantPinned && !sideCollapse;
 
   const renderCell = (items: CalculatedDeadline[]): string => {
     if (items.length === 0) {

frontend/src/i18n-keys.ts

@@ -1190,10 +1190,6 @@ export type I18nKey =
   | "deadlines.appeal_target.kostenentscheidung"
   | "deadlines.appeal_target.label"
   | "deadlines.appeal_target.schadensbemessung"
-  | "deadlines.appellant.claimant"
-  | "deadlines.appellant.defendant"
-  | "deadlines.appellant.label"
-  | "deadlines.appellant.none"
   | "deadlines.calculate"
   | "deadlines.card.calc.add_to_project"
   | "deadlines.card.calc.add_to_project.disabled"
@@ -1268,6 +1264,7 @@ export type I18nKey =
   | "deadlines.dpma.appeal.bgh"
   | "deadlines.dpma.appeal.bpatg"
   | "deadlines.dpma.opp.dpma"
+  | "deadlines.durations.show"
   | "deadlines.empty.filtered"
   | "deadlines.empty.hint"
   | "deadlines.empty.title"
@@ -1517,10 +1514,10 @@ export type I18nKey =
   | "deadlines.trigger.label"
   | "deadlines.unavailable"
   | "deadlines.upc"
-  | "deadlines.upc.apl"
   | "deadlines.upc.apl.cost"
   | "deadlines.upc.apl.merits"
   | "deadlines.upc.apl.order"
+  | "deadlines.upc.apl.unified"
   | "deadlines.upc.ccr.cfi"
   | "deadlines.upc.disc.cfi"
   | "deadlines.upc.dmgs.cfi"

frontend/src/styles/global.css

@@ -3750,6 +3750,16 @@ input[type="range"]::-moz-range-thumb {
     color: var(--color-text-muted);
 }
 
+/* Per-rule duration label rendered inline in the meta row when
+   "Dauern anzeigen" is on (m/paliad#133, t-paliad-302). Matches the
+   sibling .timeline-rule weight so the meta line reads as one band of
+   secondary metadata; non-mono so the value reads as prose ("2 Mo. nach")
+   rather than a code reference. */
+.timeline-duration {
+    font-size: 0.72rem;
+    color: var(--color-text-muted);
+}
+
 .timeline-adjusted {
     font-size: 0.78rem;
     color: var(--status-amber-fg-2);

frontend/src/verfahrensablauf.tsx

@@ -39,7 +39,7 @@ const UPC_TYPES: ProceedingDef[] = [
   { code: "upc.rev.cfi",    i18nKey: "deadlines.upc.rev.cfi",    name: "Nichtigkeitsklage" },
   { code: "upc.ccr.cfi",    i18nKey: "deadlines.upc.ccr.cfi",    name: "Widerklage auf Nichtigkeit" },
   { code: "upc.pi.cfi",     i18nKey: "deadlines.upc.pi.cfi",     name: "Einstw. Maßnahmen" },
-  { code: "upc.apl",        i18nKey: "deadlines.upc.apl",        name: "Berufung" },
+  { code: "upc.apl.unified", i18nKey: "deadlines.upc.apl.unified", name: "Berufung" },
   { code: "upc.dmgs.cfi",   i18nKey: "deadlines.upc.dmgs.cfi",   name: "Schadensbemessung" },
   { code: "upc.disc.cfi",   i18nKey: "deadlines.upc.disc.cfi",   name: "Bucheinsicht" },
 ];
@@ -250,23 +250,6 @@ export function renderVerfahrensablauf(): string {
                         </label>
                       </div>
                     </div>
-                    <div className="verfahrensablauf-perspective-row" id="appellant-row" style="display:none">
-                      <span className="date-label" data-i18n="deadlines.appellant.label">Berufung durch:</span>
-                      <div className="fristen-view-toggle" role="radiogroup" aria-label="Appellant">
-                        <label className="fristen-view-option">
-                          <input type="radio" name="appellant" value="claimant" />
-                          <span data-i18n="deadlines.appellant.claimant">Klägerseite</span>
-                        </label>
-                        <label className="fristen-view-option">
-                          <input type="radio" name="appellant" value="defendant" />
-                          <span data-i18n="deadlines.appellant.defendant">Beklagtenseite</span>
-                        </label>
-                        <label className="fristen-view-option">
-                          <input type="radio" name="appellant" value="" checked />
-                          <span data-i18n="deadlines.appellant.none">—</span>
-                        </label>
-                      </div>
-                    </div>
                     {/* Show-hidden toggle (t-paliad-290 / m/paliad#122).
                          Re-surfaces optional cards the user has previously
                          marked "Überspringen" via the per-card popover.
@@ -358,6 +341,13 @@ export function renderVerfahrensablauf(): string {
                       <input type="checkbox" id="fristen-notes-show" />
                       <span data-i18n="deadlines.notes.show">Hinweise anzeigen</span>
                     </label>
+                    {/* Durations toggle (m/paliad#133, t-paliad-302).
+                         Default off — hover-tooltips on date spans are
+                         the always-on path. */}
+                    <label className="fristen-notes-option">
+                      <input type="checkbox" id="verfahrensablauf-durations-show" />
+                      <span data-i18n="deadlines.durations.show">Dauern anzeigen</span>
+                    </label>
                   </div>
 
                   <div id="timeline-container">

internal/db/migration_136_test.go

@@ -0,0 +1,134 @@
+// Slice B.1 (t-paliad-273) — migration 136 backfill invariants.
+//
+// The dry-run gate (migrate_test.go: TestMigrations_DryRun) catches
+// migrations that crash on apply, but it rolls back inside its own
+// transaction — the post-state assertions in mig 136's PL/pgSQL block
+// run, but a future refactor of those assertions might forget a check
+// or introduce a silent count drift. This test layers a Go-side
+// invariant check on top so the contract is restated in test code,
+// outside the PL/pgSQL block, against the resulting tables.
+//
+// Skipped without TEST_DATABASE_URL, same pattern as
+// internal/services/submission_codes_shape_test.go.
+
+package db
+
+import (
+	"context"
+	"database/sql"
+	"os"
+	"testing"
+
+	_ "github.com/lib/pq"
+)
+
+// TestMigration136_BackfillInvariants applies every embedded migration
+// (which lands mig 136 along the way) and then asserts the four
+// invariants the B.1 design + B.0 findings nailed down:
+//
+//  1. procedural_events row count = (distinct submission_codes in
+//     deadline_rules) + (deadline_rules with NULL submission_code).
+//     Codes-bearing branch is 1:1 per the B.0 audit (no multi-row
+//     codes since the _archived_litigation.* removal); the NULL
+//     branch gets one synthetic procedural_event per rule.
+//  2. sequencing_rules row count = deadline_rules row count (1:1).
+//  3. legal_sources row count = distinct legal_source in
+//     deadline_rules (NULL excluded).
+//  4. every sequencing_rules row's procedural_event_id resolves to a
+//     procedural_events row (NOT NULL FK already enforces this at the
+//     DB level — this test catches a future relaxation of the FK).
+//  5. no two synthetic codes collide (covered by the UNIQUE on
+//     procedural_events.code; restated here for documentation).
+//
+// The test is robust against corpus size — it derives all expected
+// counts from the live deadline_rules state, so a scratch DB with 0
+// rules trivially passes, and a prod-shaped scratch DB exercises the
+// real invariants.
+func TestMigration136_BackfillInvariants(t *testing.T) {
+	url := os.Getenv("TEST_DATABASE_URL")
+	if url == "" {
+		t.Skip("TEST_DATABASE_URL not set — skipping mig 136 invariant test")
+	}
+	if err := ApplyMigrations(url); err != nil {
+		t.Fatalf("apply migrations: %v", err)
+	}
+
+	conn, err := sql.Open("postgres", url)
+	if err != nil {
+		t.Fatalf("open: %v", err)
+	}
+	defer conn.Close()
+	ctx := context.Background()
+
+	var (
+		drTotal, drCodesDistinct, drCodesNull, drLegalDistinct int
+		peTotal, srTotal, lsTotal                              int
+		orphanPE, dupSynthetic                                 int
+	)
+
+	mustQ := func(label, q string, dst *int) {
+		t.Helper()
+		if err := conn.QueryRowContext(ctx, q).Scan(dst); err != nil {
+			t.Fatalf("%s: %v", label, err)
+		}
+	}
+
+	mustQ("dr_total", `SELECT COUNT(*) FROM paliad.deadline_rules`, &drTotal)
+	mustQ("dr_codes_distinct",
+		`SELECT COUNT(DISTINCT submission_code) FROM paliad.deadline_rules WHERE submission_code IS NOT NULL`,
+		&drCodesDistinct)
+	mustQ("dr_codes_null",
+		`SELECT COUNT(*) FROM paliad.deadline_rules WHERE submission_code IS NULL`,
+		&drCodesNull)
+	mustQ("dr_legal_distinct",
+		`SELECT COUNT(DISTINCT legal_source) FROM paliad.deadline_rules WHERE legal_source IS NOT NULL`,
+		&drLegalDistinct)
+	mustQ("pe_total", `SELECT COUNT(*) FROM paliad.procedural_events`, &peTotal)
+	mustQ("sr_total", `SELECT COUNT(*) FROM paliad.sequencing_rules`, &srTotal)
+	mustQ("ls_total", `SELECT COUNT(*) FROM paliad.legal_sources`, &lsTotal)
+
+	// Invariant 1: procedural_events = distinct_codes + null_codes
+	wantPE := drCodesDistinct + drCodesNull
+	if peTotal != wantPE {
+		t.Errorf("procedural_events count mismatch: got %d, want %d (distinct codes=%d + null-code rules=%d)",
+			peTotal, wantPE, drCodesDistinct, drCodesNull)
+	}
+
+	// Invariant 2: sequencing_rules 1:1 with deadline_rules
+	if srTotal != drTotal {
+		t.Errorf("sequencing_rules count mismatch: got %d, want %d (1:1 with deadline_rules)",
+			srTotal, drTotal)
+	}
+
+	// Invariant 3: legal_sources = distinct legal_source
+	if lsTotal != drLegalDistinct {
+		t.Errorf("legal_sources count mismatch: got %d, want %d (distinct legal_source)",
+			lsTotal, drLegalDistinct)
+	}
+
+	// Invariant 4: every sequencing_rules.procedural_event_id resolves
+	mustQ("orphan_pe", `
+		SELECT COUNT(*)
+		  FROM paliad.sequencing_rules sr
+		  LEFT JOIN paliad.procedural_events pe ON pe.id = sr.procedural_event_id
+		 WHERE pe.id IS NULL`, &orphanPE)
+	if orphanPE != 0 {
+		t.Errorf("FK integrity violated: %d sequencing_rules row(s) have no resolving procedural_event_id", orphanPE)
+	}
+
+	// Invariant 5: no duplicate synthetic codes
+	mustQ("dup_synthetic", `
+		SELECT COUNT(*) FROM (
+			SELECT code FROM paliad.procedural_events
+			 WHERE code LIKE 'null.%'
+			 GROUP BY code
+			HAVING COUNT(*) > 1
+		) d`, &dupSynthetic)
+	if dupSynthetic != 0 {
+		t.Errorf("synthetic code uniqueness violated: %d duplicate(s) under 'null.%%' prefix", dupSynthetic)
+	}
+
+	t.Logf("mig 136 invariants OK: deadline_rules=%d, procedural_events=%d (=%d+%d), "+
+		"sequencing_rules=%d, legal_sources=%d (distinct legal_source=%d)",
+		drTotal, peTotal, drCodesDistinct, drCodesNull, srTotal, lsTotal, drLegalDistinct)
+}

internal/db/migrations/134_berufung_unification.down.sql

@@ -9,13 +9,22 @@
 -- never deleted them — that's what makes this down-migration safe).
 -- ---------------------------------------------------------------
 
+-- ---------------------------------------------------------------
+-- 0. Audit reason (required by mig 079 trigger — step 2 UPDATEs
+--    paliad.deadline_rules to reverse the reassignment).
+-- ---------------------------------------------------------------
+
+SELECT set_config(
+    'paliad.audit_reason',
+    'mig 134 DOWN: revert Slice B1 — restore 3 separate UPC appeal proceeding_types, drop applies_to_target column',
+    true);
+
 -- ---------------------------------------------------------------
 -- 1. Un-archive the 3 old appeal proceeding_types.
 -- ---------------------------------------------------------------
 
 UPDATE paliad.proceeding_types
-   SET is_active = true,
-       updated_at = now()
+   SET is_active = true
  WHERE code IN ('upc.apl.merits', 'upc.apl.cost', 'upc.apl.order');
 
 -- ---------------------------------------------------------------
@@ -41,10 +50,10 @@ UPDATE paliad.deadline_rules dr
  WHERE dr.applies_to_target = ARRAY['anordnung']::text[];
 
 -- ---------------------------------------------------------------
--- 3. Drop the unified upc.apl row (now orphaned).
+-- 3. Drop the unified upc.apl.unified row (now orphaned).
 -- ---------------------------------------------------------------
 
-DELETE FROM paliad.proceeding_types WHERE code = 'upc.apl';
+DELETE FROM paliad.proceeding_types WHERE code = 'upc.apl.unified';
 
 -- ---------------------------------------------------------------
 -- 4. Drop the new columns + their CHECK constraints.

internal/db/migrations/134_berufung_unification.up.sql

@@ -25,6 +25,16 @@
 --
 -- See docs/design-litigation-planner-2026-05-26.md §18.1.
 
+-- ---------------------------------------------------------------
+-- 0. Audit reason (required by mig 079 trigger for any UPDATE on
+--    paliad.deadline_rules — step 4 reassigns 16 rules).
+-- ---------------------------------------------------------------
+
+SELECT set_config(
+    'paliad.audit_reason',
+    'mig 134: t-paliad-292 Slice B1 — Berufung unification, collapse 3 UPC appeal proceeding_types into upc.apl.unified + appeal_target discriminator',
+    true);
+
 -- ---------------------------------------------------------------
 -- 1. Schema additions
 -- ---------------------------------------------------------------
@@ -86,7 +96,7 @@ INSERT INTO paliad.proceeding_types (
     appeal_target
 )
 SELECT
-    'upc.apl',
+    'upc.apl.unified',
     'Berufungsverfahren',
     'Appeal',
     'Vereinheitlichtes Berufungsverfahren — wählen Sie anschließend, '
@@ -120,10 +130,10 @@ DECLARE
 BEGIN
     SELECT id INTO upc_apl_id
       FROM paliad.proceeding_types
-     WHERE code = 'upc.apl';
-    RAISE NOTICE '[mig 134] new upc.apl proceeding_type_id = %', upc_apl_id;
+     WHERE code = 'upc.apl.unified';
+    RAISE NOTICE '[mig 134] new upc.apl.unified proceeding_type_id = %', upc_apl_id;
 
-    RAISE NOTICE '[mig 134] Rules to reassign to upc.apl with applies_to_target:';
+    RAISE NOTICE '[mig 134] Rules to reassign to upc.apl.unified with applies_to_target:';
     FOR rec IN
         SELECT dr.id AS rule_id,
                pt.code AS old_proceeding,
@@ -185,10 +195,10 @@ UPDATE paliad.deadline_rules dr
    AND pt.code = 'upc.apl.order'
    AND dr.is_active = true;
 
--- 4d. Reassign all 16 rules to the new upc.apl proceeding_type row.
+-- 4d. Reassign all 16 rules to the new upc.apl.unified proceeding_type row.
 UPDATE paliad.deadline_rules dr
    SET proceeding_type_id = (
-        SELECT id FROM paliad.proceeding_types WHERE code = 'upc.apl'
+        SELECT id FROM paliad.proceeding_types WHERE code = 'upc.apl.unified'
        )
   FROM paliad.proceeding_types pt
  WHERE pt.id = dr.proceeding_type_id
@@ -204,8 +214,7 @@ UPDATE paliad.deadline_rules dr
 -- ---------------------------------------------------------------
 
 UPDATE paliad.proceeding_types
-   SET is_active = false,
-       updated_at = now()
+   SET is_active = false
  WHERE code IN ('upc.apl.merits', 'upc.apl.cost', 'upc.apl.order');
 
 -- ---------------------------------------------------------------
@@ -221,10 +230,10 @@ BEGIN
     SELECT COUNT(*) INTO unified_count
       FROM paliad.deadline_rules dr
       JOIN paliad.proceeding_types pt ON pt.id = dr.proceeding_type_id
-     WHERE pt.code = 'upc.apl' AND dr.is_active = true;
-    RAISE NOTICE '[mig 134] post: rules on unified upc.apl = % (expected 16)', unified_count;
+     WHERE pt.code = 'upc.apl.unified' AND dr.is_active = true;
+    RAISE NOTICE '[mig 134] post: rules on unified upc.apl.unified = % (expected 16)', unified_count;
     IF unified_count <> 16 THEN
-        RAISE EXCEPTION '[mig 134] FAILED — expected 16 rules on upc.apl, got %', unified_count;
+        RAISE EXCEPTION '[mig 134] FAILED — expected 16 rules on upc.apl.unified, got %', unified_count;
     END IF;
 
     SELECT COUNT(*) INTO archived_count
@@ -240,7 +249,7 @@ BEGIN
         SELECT unnest(applies_to_target) AS target, COUNT(*) AS n
           FROM paliad.deadline_rules dr
           JOIN paliad.proceeding_types pt ON pt.id = dr.proceeding_type_id
-         WHERE pt.code = 'upc.apl' AND dr.is_active = true
+         WHERE pt.code = 'upc.apl.unified' AND dr.is_active = true
          GROUP BY unnest(applies_to_target)
          ORDER BY 1
     LOOP

internal/db/migrations/136_procedural_events_additive.down.sql

@@ -0,0 +1,19 @@
+-- 136_procedural_events_additive (down) — Slice B.1, t-paliad-273
+--
+-- Safe to run at any point in B.1's lifetime. Up does NOT touch
+-- paliad.deadline_rules, so dropping the new tables + columns loses no
+-- application data — every source row in deadline_rules is intact and
+-- authoritative through the dual-write window.
+--
+-- Reverse order: drop indexes implicitly via DROP TABLE, drop the two
+-- deadlines link columns first (their FKs target procedural_events +
+-- sequencing_rules), then drop the three new tables in FK-safe order
+-- (sequencing_rules → procedural_events → legal_sources).
+
+ALTER TABLE paliad.deadlines
+    DROP COLUMN IF EXISTS procedural_event_id,
+    DROP COLUMN IF EXISTS sequencing_rule_id;
+
+DROP TABLE IF EXISTS paliad.sequencing_rules;
+DROP TABLE IF EXISTS paliad.procedural_events;
+DROP TABLE IF EXISTS paliad.legal_sources;

internal/db/migrations/136_procedural_events_additive.up.sql

@@ -0,0 +1,488 @@
+-- 136_procedural_events_additive — Slice B.1, t-paliad-273 / m/paliad#93
+--
+-- ADDITIVE ONLY. Creates the three new tables that split today's
+-- paliad.deadline_rules into its three latent concepts (per the
+-- 2026-05-25 inventor design + 2026-05-26 B.0 re-validation):
+--
+--   1. paliad.legal_sources        — the source-of-law citations
+--                                    (DE.PatG.102, UPC.RoP.220.1, …)
+--   2. paliad.procedural_events    — the procedural-event templates
+--                                    (Rechtsbeschwerdebegründung, etc.;
+--                                    successor of `submission_code`)
+--   3. paliad.sequencing_rules     — the timing + trigger + condition
+--                                    mechanics (today's per-row data)
+--
+-- and adds two nullable link columns on paliad.deadlines so B.2's
+-- dual-write phase has somewhere to point.
+--
+-- The migration does NOT touch paliad.deadline_rules. The legacy table
+-- stays intact and authoritative for reads until B.3 flips the cutover.
+-- deadlines.rule_id stays in place (read by the calculator + projection
+-- service). No app code is changed by this migration; B.2 introduces
+-- the dual-write that wires services to the new tables.
+--
+-- Backfill plan (cf. design §5.1 + B.0 findings §7):
+--   * legal_sources <- DISTINCT legal_source FROM deadline_rules WHERE
+--                       legal_source IS NOT NULL. pretty_de/pretty_en
+--                       LEFT NULL for now (legalSourcePretty() in Go
+--                       continues to materialise them on read; a future
+--                       slice backfills them via a Go shim).
+--   * procedural_events <-
+--       (a) DISTINCT ON (submission_code) FROM deadline_rules WHERE
+--           submission_code IS NOT NULL — picks the lowest-id rule per
+--           code as the procedural-event identity source.
+--       (b) one synthetic procedural_event per NULL-submission_code
+--           rule, code = 'null.' || substring(replace(id::text,'-',''),1,8).
+--           m's pick (paliadin instruction 2026-05-26): mint synthetic
+--           codes so every deadline_rules row ends up with a
+--           procedural_events row, preserving the 1:1 sequencing-rule
+--           backfill and keeping the NOT NULL FK on
+--           sequencing_rules.procedural_event_id intact.
+--   * sequencing_rules <- 1:1 from deadline_rules. The new row inherits
+--           the source row's id so that any existing
+--           paliad.deadlines.rule_id FK target stays resolvable through
+--           the dual-write window (design §5.1 step 4).
+--   * deadlines.procedural_event_id + sequencing_rule_id <- joined from
+--           sequencing_rules on the inherited id.
+--
+-- Design deviations (intentional, documented):
+--   - procedural_events.event_kind is NULLABLE (design proposed NOT NULL
+--     with 'other' fallback). Today 89 deadline_rules rows have NULL
+--     event_type — these are "structural / parent-only rows in the
+--     proceeding tree" per B.0 §1. Forcing them to 'other' would lose
+--     semantics. A later slice can tighten this to NOT NULL after the
+--     78+11 NULLs are reclassified.
+--   - legal_sources.pretty_de / pretty_en are NULLABLE (design proposed
+--     NOT NULL). Materialising them requires the Go-side
+--     legalSourcePretty() function — out of scope for a SQL migration.
+--     The Go read path continues to compute them on the fly from
+--     legal_source / citation; a future slice (Go shim driven from
+--     internal/services/submission_vars.go:619) backfills them.
+--   - submission_drafts is NOT modified. The design proposes adding
+--     procedural_event_id there too (§4.1 §5.1 step 6) but the B.1
+--     instruction scope is explicit: tables + deadlines columns only.
+--     submission_drafts continues to key off submission_code text.
+--
+-- Audit pattern follows mig 135 (Slice B3): PRE-pass counts what we
+-- expect to write, BACKFILL runs the SELECT-INSERTs, POST-pass verifies
+-- row counts and FK integrity. Any mismatch RAISE EXCEPTIONs and the
+-- transaction rolls back — operator sees the NOTICE lines and the
+-- failed assertion message.
+--
+-- See: docs/design-procedural-events-model-2026-05-25.md §4 + §5
+--      docs/design-procedural-events-b0-findings-2026-05-26.md §7
+
+-- ---------------------------------------------------------------
+-- 0. PRE pass — snapshot what we're about to backfill
+-- ---------------------------------------------------------------
+
+DO $$
+DECLARE
+    v_rules           int;
+    v_codes_nn        int;
+    v_codes_distinct  int;
+    v_codes_null      int;
+    v_legal_distinct  int;
+    v_concept_linked  int;
+    v_dups            int;
+BEGIN
+    SELECT COUNT(*) INTO v_rules            FROM paliad.deadline_rules;
+    SELECT COUNT(*) INTO v_codes_nn         FROM paliad.deadline_rules WHERE submission_code IS NOT NULL;
+    SELECT COUNT(DISTINCT submission_code) INTO v_codes_distinct
+                                            FROM paliad.deadline_rules WHERE submission_code IS NOT NULL;
+    SELECT COUNT(*) INTO v_codes_null       FROM paliad.deadline_rules WHERE submission_code IS NULL;
+    SELECT COUNT(DISTINCT legal_source) INTO v_legal_distinct
+                                            FROM paliad.deadline_rules WHERE legal_source IS NOT NULL;
+    SELECT COUNT(*) INTO v_concept_linked   FROM paliad.deadline_rules WHERE concept_id IS NOT NULL;
+
+    RAISE NOTICE '[mig 136] PRE: deadline_rules=%, with_submission_code=%, distinct_codes=%, null_codes=%, distinct_legal_sources=%, concept_linked=%',
+        v_rules, v_codes_nn, v_codes_distinct, v_codes_null, v_legal_distinct, v_concept_linked;
+
+    -- Defensive: refuse to run if multi-row submission_codes have crept
+    -- back in. B.0 (2026-05-26) found zero; mig 134 + 135 do not add
+    -- any. If this CHECK ever fires the backfill arithmetic below
+    -- breaks silently (one PE per code becomes ambiguous), so abort.
+    SELECT COUNT(*) INTO v_dups FROM (
+        SELECT submission_code
+          FROM paliad.deadline_rules
+         WHERE submission_code IS NOT NULL
+         GROUP BY submission_code
+        HAVING COUNT(*) > 1
+    ) d;
+    IF v_dups > 0 THEN
+        RAISE EXCEPTION '[mig 136] FAILED PRE: % submission_code value(s) appear on >1 deadline_rules row. '
+            'The B.0 audit (2026-05-26) found zero. If you are seeing this, a rule was added that '
+            'duplicates an existing submission_code (or the _archived_litigation.* rows returned). '
+            'Decide whether the new schema collapses them (multiple sequencing rules → one '
+            'procedural event) or whether each row gets its own code, then update this migration '
+            'or the offending data before re-running.', v_dups;
+    END IF;
+END $$;
+
+-- ---------------------------------------------------------------
+-- 1. CREATE TABLE paliad.legal_sources
+-- ---------------------------------------------------------------
+
+CREATE TABLE paliad.legal_sources (
+    id           uuid PRIMARY KEY DEFAULT gen_random_uuid(),
+    citation     text NOT NULL UNIQUE,
+    jurisdiction text NOT NULL,
+    pretty_de    text,
+    pretty_en    text,
+    notes        text,
+    created_at   timestamptz NOT NULL DEFAULT now(),
+    updated_at   timestamptz NOT NULL DEFAULT now()
+);
+
+COMMENT ON TABLE paliad.legal_sources IS
+    'Source-of-law citations (DE.PatG.102, UPC.RoP.220.1, …). One row per '
+    'distinct citation shorthand. pretty_de/pretty_en backfilled by a '
+    'future Go-driven slice; until then NULL and the Go service ('
+    'internal/services/submission_vars.go:619 legalSourcePretty) computes '
+    'the human-readable form on read from the citation. Slice B.1 t-paliad-273.';
+
+CREATE INDEX legal_sources_jurisdiction_idx ON paliad.legal_sources(jurisdiction);
+
+-- ---------------------------------------------------------------
+-- 2. CREATE TABLE paliad.procedural_events
+-- ---------------------------------------------------------------
+
+CREATE TABLE paliad.procedural_events (
+    id                    uuid PRIMARY KEY DEFAULT gen_random_uuid(),
+    code                  text NOT NULL UNIQUE,
+    name                  text NOT NULL,
+    name_en               text NOT NULL DEFAULT '',
+    description           text,
+    event_kind            text,
+    primary_party_default text,
+    legal_source_id       uuid REFERENCES paliad.legal_sources(id),
+    concept_id            uuid REFERENCES paliad.deadline_concepts(id),
+    lifecycle_state       text NOT NULL DEFAULT 'published',
+    draft_of              uuid REFERENCES paliad.procedural_events(id),
+    published_at          timestamptz,
+    is_active             boolean NOT NULL DEFAULT true,
+    created_at            timestamptz NOT NULL DEFAULT now(),
+    updated_at            timestamptz NOT NULL DEFAULT now()
+);
+
+COMMENT ON TABLE paliad.procedural_events IS
+    'Procedural-event templates — the "what kind of step is this in the '
+    'proceeding" hat of the legacy paliad.deadline_rules row. One row per '
+    'unique submission_code, plus one synthetic row per NULL-submission_code '
+    'rule (code prefix "null."). Slice B.1 t-paliad-273.';
+
+COMMENT ON COLUMN paliad.procedural_events.event_kind IS
+    'filing|reply|hearing|decision|order|other. NULLABLE for now — 89 '
+    'rules in the live corpus have NULL event_type (structural / parent-only '
+    'rows in the proceeding tree). A future slice can tighten to NOT NULL '
+    'after these are reclassified.';
+
+COMMENT ON COLUMN paliad.procedural_events.concept_id IS
+    'Optional reference to a deadline_concepts row. N:1 — one concept may '
+    'be shared by many procedural events (e.g. "Berufungsfrist" attaches to '
+    'all four court-specific Berufung procedural events). Do NOT add UNIQUE.';
+
+CREATE INDEX procedural_events_concept_id_idx     ON paliad.procedural_events(concept_id);
+CREATE INDEX procedural_events_event_kind_idx     ON paliad.procedural_events(event_kind);
+CREATE INDEX procedural_events_lifecycle_idx      ON paliad.procedural_events(lifecycle_state);
+CREATE INDEX procedural_events_legal_source_idx   ON paliad.procedural_events(legal_source_id);
+
+-- ---------------------------------------------------------------
+-- 3. CREATE TABLE paliad.sequencing_rules
+-- ---------------------------------------------------------------
+
+CREATE TABLE paliad.sequencing_rules (
+    id                       uuid PRIMARY KEY DEFAULT gen_random_uuid(),
+    procedural_event_id      uuid NOT NULL REFERENCES paliad.procedural_events(id),
+    proceeding_type_id       integer REFERENCES paliad.proceeding_types(id),
+    parent_id                uuid REFERENCES paliad.sequencing_rules(id),
+    trigger_event_id         bigint REFERENCES paliad.trigger_events(id),
+    duration_value           integer NOT NULL DEFAULT 0,
+    duration_unit            text NOT NULL DEFAULT 'months',
+    timing                   text DEFAULT 'after',
+    alt_duration_value       integer,
+    alt_duration_unit        text,
+    alt_rule_code            text,
+    anchor_alt               text,
+    combine_op               text,
+    condition_expr           jsonb,
+    primary_party            text,
+    sequence_order           integer NOT NULL DEFAULT 0,
+    is_spawn                 boolean NOT NULL DEFAULT false,
+    spawn_label              text,
+    spawn_proceeding_type_id integer REFERENCES paliad.proceeding_types(id),
+    is_bilateral             boolean NOT NULL DEFAULT false,
+    is_court_set             boolean NOT NULL DEFAULT false,
+    priority                 text NOT NULL DEFAULT 'mandatory',
+    rule_code                text,
+    rule_codes               text[],
+    deadline_notes           text,
+    deadline_notes_en        text,
+    choices_offered          jsonb,
+    applies_to_target        text[],
+    lifecycle_state          text NOT NULL DEFAULT 'published',
+    draft_of                 uuid REFERENCES paliad.sequencing_rules(id),
+    published_at             timestamptz,
+    is_active                boolean NOT NULL DEFAULT true,
+    created_at               timestamptz NOT NULL DEFAULT now(),
+    updated_at               timestamptz NOT NULL DEFAULT now()
+);
+
+COMMENT ON TABLE paliad.sequencing_rules IS
+    'Sequencing-rule mechanics — the "how and when does this fire" hat of '
+    'the legacy paliad.deadline_rules row. 1:1 with deadline_rules during '
+    'the dual-write window; the id is inherited from deadline_rules.id so '
+    'paliad.deadlines.rule_id FKs continue to resolve transitively. '
+    'Slice B.1 t-paliad-273.';
+
+COMMENT ON COLUMN paliad.sequencing_rules.primary_party IS
+    'Per-rule override of procedural_events.primary_party_default. Same '
+    'four-value vocab as deadline_rules.primary_party (mig 135 CHECK). '
+    'NULL = use procedural-event default. A future slice can add the '
+    'same CHECK here.';
+
+CREATE INDEX sequencing_rules_pe_proc_lifecycle_idx
+    ON paliad.sequencing_rules(procedural_event_id, proceeding_type_id, lifecycle_state);
+CREATE INDEX sequencing_rules_parent_id_idx       ON paliad.sequencing_rules(parent_id);
+CREATE INDEX sequencing_rules_trigger_event_idx   ON paliad.sequencing_rules(trigger_event_id);
+CREATE INDEX sequencing_rules_proceeding_type_idx ON paliad.sequencing_rules(proceeding_type_id);
+
+-- ---------------------------------------------------------------
+-- 4. ALTER paliad.deadlines — add link columns
+-- ---------------------------------------------------------------
+
+ALTER TABLE paliad.deadlines
+    ADD COLUMN procedural_event_id uuid REFERENCES paliad.procedural_events(id),
+    ADD COLUMN sequencing_rule_id  uuid REFERENCES paliad.sequencing_rules(id);
+
+COMMENT ON COLUMN paliad.deadlines.procedural_event_id IS
+    'NULLABLE link to the procedural event this deadline instantiates. '
+    'Added Slice B.1 (mig 136). B.2 dual-write populates it on every new '
+    'deadline; B.3 cutover flips reads to use this instead of rule_id. '
+    'rule_id stays in place until B.4 destructive drop.';
+COMMENT ON COLUMN paliad.deadlines.sequencing_rule_id IS
+    'NULLABLE link to the sequencing rule. Same lifecycle as '
+    'procedural_event_id — added Slice B.1, dual-written B.2, read in B.3, '
+    'rule_id dropped in B.4.';
+
+CREATE INDEX deadlines_procedural_event_id_idx ON paliad.deadlines(procedural_event_id);
+CREATE INDEX deadlines_sequencing_rule_id_idx  ON paliad.deadlines(sequencing_rule_id);
+
+-- ---------------------------------------------------------------
+-- 5. BACKFILL — legal_sources
+-- ---------------------------------------------------------------
+
+INSERT INTO paliad.legal_sources (citation, jurisdiction)
+SELECT DISTINCT
+    legal_source AS citation,
+    COALESCE(NULLIF(split_part(legal_source, '.', 1), ''), 'other') AS jurisdiction
+  FROM paliad.deadline_rules
+ WHERE legal_source IS NOT NULL;
+
+-- ---------------------------------------------------------------
+-- 6. BACKFILL — procedural_events
+--    (a) codes-bearing branch: DISTINCT ON (submission_code) picks the
+--        lowest-id (tie-break sequence_order) deadline_rules row as the
+--        identity source per the design's §5.1 step 3.
+--    (b) NULL-code branch: one synthetic row per rule, code minted from
+--        the rule id's first 8 hex chars (sans dashes) — m's pick
+--        2026-05-26 (paliadin instruction).
+-- ---------------------------------------------------------------
+
+-- (a) codes-bearing rules → one procedural_events row per distinct code
+INSERT INTO paliad.procedural_events
+    (code, name, name_en, description, event_kind, primary_party_default,
+     legal_source_id, concept_id, lifecycle_state, published_at, is_active)
+SELECT
+    src.submission_code,
+    src.name,
+    src.name_en,
+    src.description,
+    src.event_type,
+    src.primary_party,
+    ls.id,
+    src.concept_id,
+    src.lifecycle_state,
+    src.published_at,
+    src.is_active
+FROM (
+    SELECT DISTINCT ON (submission_code)
+        submission_code, name, name_en, description, event_type,
+        primary_party, concept_id, legal_source, lifecycle_state,
+        published_at, is_active
+      FROM paliad.deadline_rules
+     WHERE submission_code IS NOT NULL
+     ORDER BY submission_code, id, sequence_order
+) src
+LEFT JOIN paliad.legal_sources ls ON ls.citation = src.legal_source;
+
+-- (b) NULL-code rules → one synthetic procedural_events row each
+INSERT INTO paliad.procedural_events
+    (code, name, name_en, description, event_kind, primary_party_default,
+     legal_source_id, concept_id, lifecycle_state, published_at, is_active)
+SELECT
+    'null.' || substring(replace(dr.id::text, '-', ''), 1, 8) AS code,
+    dr.name,
+    dr.name_en,
+    dr.description,
+    dr.event_type,
+    dr.primary_party,
+    ls.id,
+    dr.concept_id,
+    dr.lifecycle_state,
+    dr.published_at,
+    dr.is_active
+  FROM paliad.deadline_rules dr
+  LEFT JOIN paliad.legal_sources ls ON ls.citation = dr.legal_source
+ WHERE dr.submission_code IS NULL;
+
+-- ---------------------------------------------------------------
+-- 7. BACKFILL — sequencing_rules
+--    1:1 with deadline_rules. id inherited so deadlines.rule_id FKs
+--    continue to resolve through the dual-write window (design §5.1
+--    step 4). procedural_event_id resolved by JOIN on the (real or
+--    synthetic) code.
+-- ---------------------------------------------------------------
+
+INSERT INTO paliad.sequencing_rules
+    (id, procedural_event_id, proceeding_type_id, parent_id, trigger_event_id,
+     duration_value, duration_unit, timing,
+     alt_duration_value, alt_duration_unit, alt_rule_code, anchor_alt,
+     combine_op, condition_expr, primary_party, sequence_order,
+     is_spawn, spawn_label, spawn_proceeding_type_id,
+     is_bilateral, is_court_set, priority,
+     rule_code, rule_codes, deadline_notes, deadline_notes_en,
+     choices_offered, applies_to_target,
+     lifecycle_state, draft_of, published_at, is_active,
+     created_at, updated_at)
+SELECT
+    dr.id,
+    pe.id,
+    dr.proceeding_type_id,
+    dr.parent_id,
+    dr.trigger_event_id,
+    dr.duration_value, dr.duration_unit, dr.timing,
+    dr.alt_duration_value, dr.alt_duration_unit, dr.alt_rule_code, dr.anchor_alt,
+    dr.combine_op, dr.condition_expr, dr.primary_party, dr.sequence_order,
+    dr.is_spawn, dr.spawn_label, dr.spawn_proceeding_type_id,
+    dr.is_bilateral, dr.is_court_set, dr.priority,
+    dr.rule_code, dr.rule_codes, dr.deadline_notes, dr.deadline_notes_en,
+    dr.choices_offered, dr.applies_to_target,
+    dr.lifecycle_state,
+    -- draft_of is a self-FK on deadline_rules; preserve as a self-FK on
+    -- sequencing_rules since the inherited ids are stable across both.
+    dr.draft_of,
+    dr.published_at, dr.is_active,
+    dr.created_at, dr.updated_at
+  FROM paliad.deadline_rules dr
+  JOIN paliad.procedural_events pe
+    ON pe.code = COALESCE(
+         dr.submission_code,
+         'null.' || substring(replace(dr.id::text, '-', ''), 1, 8)
+       );
+
+-- ---------------------------------------------------------------
+-- 8. BACKFILL — paliad.deadlines link columns
+-- ---------------------------------------------------------------
+
+UPDATE paliad.deadlines d
+   SET procedural_event_id = sr.procedural_event_id,
+       sequencing_rule_id  = sr.id
+  FROM paliad.sequencing_rules sr
+ WHERE d.rule_id = sr.id;
+
+-- ---------------------------------------------------------------
+-- 9. POST pass — integrity assertions
+-- ---------------------------------------------------------------
+
+DO $$
+DECLARE
+    v_dr_total           int;
+    v_dr_codes_distinct  int;
+    v_dr_codes_null      int;
+    v_dr_legal_distinct  int;
+    v_pe_total           int;
+    v_sr_total           int;
+    v_ls_total           int;
+    v_orphan_pe          int;
+    v_dup_synthetic      int;
+    v_deadlines_linked   int;
+    v_deadlines_total    int;
+    v_pe_missing_ls      int;
+BEGIN
+    SELECT COUNT(*)                    INTO v_dr_total          FROM paliad.deadline_rules;
+    SELECT COUNT(DISTINCT submission_code)
+                                       INTO v_dr_codes_distinct FROM paliad.deadline_rules WHERE submission_code IS NOT NULL;
+    SELECT COUNT(*)                    INTO v_dr_codes_null     FROM paliad.deadline_rules WHERE submission_code IS NULL;
+    SELECT COUNT(DISTINCT legal_source)
+                                       INTO v_dr_legal_distinct FROM paliad.deadline_rules WHERE legal_source IS NOT NULL;
+    SELECT COUNT(*)                    INTO v_pe_total          FROM paliad.procedural_events;
+    SELECT COUNT(*)                    INTO v_sr_total          FROM paliad.sequencing_rules;
+    SELECT COUNT(*)                    INTO v_ls_total          FROM paliad.legal_sources;
+    SELECT COUNT(*)                    INTO v_deadlines_total   FROM paliad.deadlines;
+    SELECT COUNT(*)                    INTO v_deadlines_linked  FROM paliad.deadlines WHERE procedural_event_id IS NOT NULL;
+
+    -- a. procedural_events row count = distinct_codes + null_codes
+    IF v_pe_total <> v_dr_codes_distinct + v_dr_codes_null THEN
+        RAISE EXCEPTION '[mig 136] FAILED POST: procedural_events count mismatch — got %, expected % (% distinct codes + % null-code rules)',
+            v_pe_total, v_dr_codes_distinct + v_dr_codes_null, v_dr_codes_distinct, v_dr_codes_null;
+    END IF;
+
+    -- b. sequencing_rules row count = deadline_rules row count (1:1)
+    IF v_sr_total <> v_dr_total THEN
+        RAISE EXCEPTION '[mig 136] FAILED POST: sequencing_rules count mismatch — got %, expected % (1:1 with deadline_rules)',
+            v_sr_total, v_dr_total;
+    END IF;
+
+    -- c. legal_sources row count = distinct legal_source in deadline_rules
+    IF v_ls_total <> v_dr_legal_distinct THEN
+        RAISE EXCEPTION '[mig 136] FAILED POST: legal_sources count mismatch — got %, expected % (distinct legal_source)',
+            v_ls_total, v_dr_legal_distinct;
+    END IF;
+
+    -- d. every sequencing_rules row's procedural_event_id resolves
+    SELECT COUNT(*)
+      INTO v_orphan_pe
+      FROM paliad.sequencing_rules sr
+      LEFT JOIN paliad.procedural_events pe ON pe.id = sr.procedural_event_id
+     WHERE pe.id IS NULL;
+    IF v_orphan_pe > 0 THEN
+        RAISE EXCEPTION '[mig 136] FAILED POST: % sequencing_rules row(s) have no resolving procedural_event_id', v_orphan_pe;
+    END IF;
+
+    -- e. no two synthetic codes collide (would have crashed the INSERT
+    --    via UNIQUE, but assert again for clarity — collision among 78
+    --    UUIDs at 8 hex chars is ~6e-7 probability)
+    SELECT COUNT(*)
+      INTO v_dup_synthetic
+      FROM (
+        SELECT code, COUNT(*) AS n
+          FROM paliad.procedural_events
+         WHERE code LIKE 'null.%'
+         GROUP BY code
+        HAVING COUNT(*) > 1
+      ) d;
+    IF v_dup_synthetic > 0 THEN
+        RAISE EXCEPTION '[mig 136] FAILED POST: % synthetic codes collided. '
+            'Re-run with a longer substring (16 hex chars instead of 8) '
+            'or full uuid in the code-mint expression.', v_dup_synthetic;
+    END IF;
+
+    -- f. every procedural_events.legal_source_id either resolves or is
+    --    NULL (NULL is fine — 119 of 231 rules have NULL legal_source)
+    SELECT COUNT(*)
+      INTO v_pe_missing_ls
+      FROM paliad.procedural_events pe
+      LEFT JOIN paliad.legal_sources ls ON ls.id = pe.legal_source_id
+     WHERE pe.legal_source_id IS NOT NULL
+       AND ls.id IS NULL;
+    IF v_pe_missing_ls > 0 THEN
+        RAISE EXCEPTION '[mig 136] FAILED POST: % procedural_events row(s) reference a missing legal_sources id', v_pe_missing_ls;
+    END IF;
+
+    RAISE NOTICE '[mig 136] POST: legal_sources=%, procedural_events=%, sequencing_rules=%, deadlines=% (% linked)',
+        v_ls_total, v_pe_total, v_sr_total, v_deadlines_total, v_deadlines_linked;
+    RAISE NOTICE '[mig 136] integrity OK — backfill complete. '
+                 'deadline_rules untouched (1:1 with sequencing_rules; '
+                 'ready for B.2 dual-write).';
+END $$;

internal/db/migrations/137_proceeding_role_labels.down.sql

@@ -0,0 +1,18 @@
+-- 137_proceeding_role_labels — DOWN
+--
+-- Drops the 4 role-label columns. Backfilled data is lost on
+-- down-migration; that's acceptable because the frontend renderer
+-- falls back to the default labels ("Klägerseite" / "Beklagtenseite")
+-- when the columns are absent.
+
+ALTER TABLE paliad.proceeding_types
+    DROP COLUMN IF EXISTS role_reactive_label_en;
+
+ALTER TABLE paliad.proceeding_types
+    DROP COLUMN IF EXISTS role_reactive_label_de;
+
+ALTER TABLE paliad.proceeding_types
+    DROP COLUMN IF EXISTS role_proactive_label_en;
+
+ALTER TABLE paliad.proceeding_types
+    DROP COLUMN IF EXISTS role_proactive_label_de;

internal/db/migrations/137_proceeding_role_labels.up.sql

@@ -0,0 +1,137 @@
+-- 137_proceeding_role_labels — t-paliad-301, m/paliad#132
+--
+-- Bug A fix: per-proceeding role labels so the Verfahrensablauf side
+-- selector can render "Berufungskläger / Berufungsbeklagter" for the
+-- unified UPC Berufung tile instead of the generic "Klägerseite /
+-- Beklagtenseite".
+--
+-- Four new optional columns on paliad.proceeding_types. NULL on a
+-- column falls back to the language-default ("Klägerseite" / "Claimant
+-- side" / "Beklagtenseite" / "Defendant side") in the frontend renderer.
+-- Only the proceedings whose role-naming actually differs get a backfill.
+--
+-- Live-DB audit (mcp__supabase__execute_sql) before drafting:
+--   - paliad.proceeding_types has 14 columns; the 4 target columns do
+--     NOT exist (zero name collisions).
+--   - Zero triggers on paliad.proceeding_types. No audit_reason
+--     setup needed.
+--   - No updated_at / created_at on the table — DO NOT include
+--     timestamp UPDATEs (lesson from mig 134 HOTFIX 3).
+--
+-- ADDITIVE ONLY. ALTER + UPDATE statements; no CHECK constraints
+-- (the columns are free-text labels, validated at the application layer).
+-- Down migration drops the 4 columns.
+--
+-- See m/paliad#132 for the full design rationale + the role-label
+-- matrix per proceeding code.
+
+-- ---------------------------------------------------------------
+-- 1. Schema additions
+-- ---------------------------------------------------------------
+
+ALTER TABLE paliad.proceeding_types
+    ADD COLUMN role_proactive_label_de text NULL;
+
+ALTER TABLE paliad.proceeding_types
+    ADD COLUMN role_proactive_label_en text NULL;
+
+ALTER TABLE paliad.proceeding_types
+    ADD COLUMN role_reactive_label_de text NULL;
+
+ALTER TABLE paliad.proceeding_types
+    ADD COLUMN role_reactive_label_en text NULL;
+
+COMMENT ON COLUMN paliad.proceeding_types.role_proactive_label_de IS
+    'DE label for the proactive (claimant-equivalent) side of this '
+    'proceeding. NULL = renderer falls back to "Klägerseite". '
+    't-paliad-301 / m/paliad#132 Bug A.';
+COMMENT ON COLUMN paliad.proceeding_types.role_proactive_label_en IS
+    'EN label for the proactive side. NULL = "Claimant side".';
+COMMENT ON COLUMN paliad.proceeding_types.role_reactive_label_de IS
+    'DE label for the reactive (defendant-equivalent) side. NULL = '
+    '"Beklagtenseite".';
+COMMENT ON COLUMN paliad.proceeding_types.role_reactive_label_en IS
+    'EN label for the reactive side. NULL = "Defendant side".';
+
+-- ---------------------------------------------------------------
+-- 2. Audit-first NOTICE pass.
+--
+-- Lists which proceeding_types are about to receive a backfill so
+-- the operator sees the scope before the UPDATE fires. NULL columns
+-- on every other row stay NULL (the frontend falls back to defaults).
+-- ---------------------------------------------------------------
+
+DO $$
+DECLARE
+    rec record;
+    backfill_count int := 0;
+BEGIN
+    RAISE NOTICE '[mig 137] Proceedings that will receive role-label backfill:';
+    FOR rec IN
+        SELECT code, name
+          FROM paliad.proceeding_types
+         WHERE code IN ('upc.apl.unified', 'upc.rev.cfi', 'epa.opp.opd', 'epa.opp.boa')
+         ORDER BY code
+    LOOP
+        RAISE NOTICE '[mig 137]   %  %', rec.code, rec.name;
+        backfill_count := backfill_count + 1;
+    END LOOP;
+    RAISE NOTICE '[mig 137] Total: % proceedings (others stay NULL → renderer default)', backfill_count;
+END $$;
+
+-- ---------------------------------------------------------------
+-- 3. Backfill.
+--
+-- Per the design matrix in m/paliad#132:
+--   - upc.apl.unified → Berufungskläger / Berufungsbeklagter / Appellant / Appellee
+--   - upc.rev.cfi     → Antragsteller (Nichtigkeit) / Antragsgegner (Nichtigkeit) /
+--                       Revocation claimant / Revocation defendant
+--   - epa.opp.opd     → Einsprechende(r) / Patentinhaber(in) /
+--                       Opponent / Patentee
+--   - epa.opp.boa     → Einsprechende(r) / Patentinhaber(in) /
+--                       Opponent / Patentee
+--   - (others)        → stay NULL → frontend defaults
+-- ---------------------------------------------------------------
+
+UPDATE paliad.proceeding_types
+   SET role_proactive_label_de = 'Berufungskläger',
+       role_reactive_label_de  = 'Berufungsbeklagter',
+       role_proactive_label_en = 'Appellant',
+       role_reactive_label_en  = 'Appellee'
+ WHERE code = 'upc.apl.unified';
+
+UPDATE paliad.proceeding_types
+   SET role_proactive_label_de = 'Antragsteller (Nichtigkeit)',
+       role_reactive_label_de  = 'Antragsgegner (Nichtigkeit)',
+       role_proactive_label_en = 'Revocation claimant',
+       role_reactive_label_en  = 'Revocation defendant'
+ WHERE code = 'upc.rev.cfi';
+
+UPDATE paliad.proceeding_types
+   SET role_proactive_label_de = 'Einsprechende(r)',
+       role_reactive_label_de  = 'Patentinhaber(in)',
+       role_proactive_label_en = 'Opponent',
+       role_reactive_label_en  = 'Patentee'
+ WHERE code IN ('epa.opp.opd', 'epa.opp.boa');
+
+-- ---------------------------------------------------------------
+-- 4. Post-migration NOTICE — informational only.
+-- ---------------------------------------------------------------
+
+DO $$
+DECLARE
+    rec record;
+BEGIN
+    RAISE NOTICE '[mig 137] post: backfilled role-label distribution:';
+    FOR rec IN
+        SELECT code,
+               role_proactive_label_de,
+               role_reactive_label_de
+          FROM paliad.proceeding_types
+         WHERE role_proactive_label_de IS NOT NULL
+         ORDER BY code
+    LOOP
+        RAISE NOTICE '[mig 137]   %  proactive=%  reactive=%',
+            rec.code, rec.role_proactive_label_de, rec.role_reactive_label_de;
+    END LOOP;
+END $$;

internal/db/migrations/138_appeal_target_backfill_merits_order.down.sql

@@ -0,0 +1,71 @@
+-- 138_appeal_target_backfill_merits_order DOWN — t-paliad-303, m/paliad#134
+--
+-- Removes 'schadensbemessung' from the merits-track rules and
+-- 'bucheinsicht' from the order-track rules, restoring the pre-137
+-- shape (endentscheidung-only / anordnung-only / kostenentscheidung-only).
+
+-- ---------------------------------------------------------------
+-- 0. Audit reason (required by mig 079 trigger for any UPDATE on
+--    paliad.deadline_rules).
+-- ---------------------------------------------------------------
+
+SELECT set_config(
+    'paliad.audit_reason',
+    'mig 138 DOWN: t-paliad-303 — strip Schadensbemessung/Bucheinsicht from applies_to_target per m/paliad#134',
+    true);
+
+-- ---------------------------------------------------------------
+-- 1. Strip new targets via array_remove.
+--
+-- WHERE clauses pinned to upc.apl.unified to avoid touching unrelated
+-- rules that might have been added later under other proceeding types.
+-- ---------------------------------------------------------------
+
+-- 1a. Remove schadensbemessung from merits-track rows.
+UPDATE paliad.deadline_rules dr
+   SET applies_to_target = array_remove(dr.applies_to_target, 'schadensbemessung')
+  FROM paliad.proceeding_types pt
+ WHERE pt.id = dr.proceeding_type_id
+   AND pt.code = 'upc.apl.unified'
+   AND dr.is_active = true
+   AND 'schadensbemessung' = ANY(dr.applies_to_target);
+
+-- 1b. Remove bucheinsicht from order-track rows.
+UPDATE paliad.deadline_rules dr
+   SET applies_to_target = array_remove(dr.applies_to_target, 'bucheinsicht')
+  FROM paliad.proceeding_types pt
+ WHERE pt.id = dr.proceeding_type_id
+   AND pt.code = 'upc.apl.unified'
+   AND dr.is_active = true
+   AND 'bucheinsicht' = ANY(dr.applies_to_target);
+
+-- ---------------------------------------------------------------
+-- 2. Sanity check — no row may carry the new targets after the down.
+-- ---------------------------------------------------------------
+
+DO $$
+DECLARE
+    schad_left int;
+    buch_left int;
+BEGIN
+    SELECT COUNT(*) INTO schad_left
+      FROM paliad.deadline_rules dr
+      JOIN paliad.proceeding_types pt ON pt.id = dr.proceeding_type_id
+     WHERE pt.code = 'upc.apl.unified'
+       AND dr.is_active = true
+       AND 'schadensbemessung' = ANY(dr.applies_to_target);
+    SELECT COUNT(*) INTO buch_left
+      FROM paliad.deadline_rules dr
+      JOIN paliad.proceeding_types pt ON pt.id = dr.proceeding_type_id
+     WHERE pt.code = 'upc.apl.unified'
+       AND dr.is_active = true
+       AND 'bucheinsicht' = ANY(dr.applies_to_target);
+
+    IF schad_left > 0 THEN
+        RAISE EXCEPTION '[mig 138 DOWN] FAILED — % rows still carry schadensbemessung', schad_left;
+    END IF;
+    IF buch_left > 0 THEN
+        RAISE EXCEPTION '[mig 138 DOWN] FAILED — % rows still carry bucheinsicht', buch_left;
+    END IF;
+    RAISE NOTICE '[mig 138 DOWN] stripped schadensbemessung + bucheinsicht from upc.apl.unified rules';
+END $$;

internal/db/migrations/138_appeal_target_backfill_merits_order.up.sql

@@ -0,0 +1,232 @@
+-- 138_appeal_target_backfill_merits_order — t-paliad-303, m/paliad#134
+--
+-- Slice B1 (mig 134) introduced the unified upc.apl.unified proceeding type
+-- with 5 appeal_target enum values: endentscheidung, kostenentscheidung,
+-- anordnung, schadensbemessung, bucheinsicht. The first three each carry
+-- rules; schadensbemessung and bucheinsicht returned an empty timeline
+-- because no rules referenced them yet.
+--
+-- m's 2026-05-26 decision (#134): extend applies_to_target on the existing
+-- rules — Schadensbemessung := merits track (R.224 anchored on R.118
+-- substantive decisions), Bucheinsicht := order track (R.220.2 +
+-- R.224.2.b + R.235.2 + R.237 + R.238.2 etc.). Legal premise verified
+-- against the 16 live rules — every endentscheidung rule is a generic
+-- R.224 merits step, every anordnung rule is a generic R.220/224/235/237/
+-- 238 order step. No rule carries content specific to a particular kind
+-- of underlying decision/order. Audit on the comment trail of #134.
+
+-- ---------------------------------------------------------------
+-- 0. Audit reason (required by mig 079 trigger for any UPDATE on
+--    paliad.deadline_rules — both UPDATEs below trigger it).
+-- ---------------------------------------------------------------
+
+SELECT set_config(
+    'paliad.audit_reason',
+    'mig 138: t-paliad-303 — extend applies_to_target for Schadensbemessung (merits) + Bucheinsicht (order) per m/paliad#134',
+    true);
+
+-- ---------------------------------------------------------------
+-- 1. Audit-first DO block.
+--
+-- Resolve upc.apl.unified, count the rows we are about to touch, and
+-- RAISE EXCEPTION if anything looks wrong (proceeding type missing,
+-- merits/order rule counts off, or a rule already carries the new
+-- target — which would mean an earlier partial run).
+-- ---------------------------------------------------------------
+
+DO $$
+DECLARE
+    rec record;
+    upc_apl_id int;
+    merits_count int;
+    order_count int;
+    schad_already int;
+    buch_already int;
+BEGIN
+    SELECT id INTO upc_apl_id
+      FROM paliad.proceeding_types
+     WHERE code = 'upc.apl.unified';
+    IF upc_apl_id IS NULL THEN
+        RAISE EXCEPTION '[mig 138] upc.apl.unified proceeding_type not found — mig 134 must run first';
+    END IF;
+    RAISE NOTICE '[mig 138] upc.apl.unified proceeding_type_id = %', upc_apl_id;
+
+    SELECT COUNT(*) INTO merits_count
+      FROM paliad.deadline_rules
+     WHERE proceeding_type_id = upc_apl_id
+       AND is_active = true
+       AND 'endentscheidung' = ANY(applies_to_target);
+    SELECT COUNT(*) INTO order_count
+      FROM paliad.deadline_rules
+     WHERE proceeding_type_id = upc_apl_id
+       AND is_active = true
+       AND 'anordnung' = ANY(applies_to_target);
+
+    RAISE NOTICE '[mig 138] live counts: endentscheidung=% anordnung=%', merits_count, order_count;
+    IF merits_count <> 7 THEN
+        RAISE EXCEPTION '[mig 138] expected 7 endentscheidung rules under upc.apl.unified, got %', merits_count;
+    END IF;
+    IF order_count <> 7 THEN
+        RAISE EXCEPTION '[mig 138] expected 7 anordnung rules under upc.apl.unified, got %', order_count;
+    END IF;
+
+    SELECT COUNT(*) INTO schad_already
+      FROM paliad.deadline_rules
+     WHERE proceeding_type_id = upc_apl_id
+       AND is_active = true
+       AND 'schadensbemessung' = ANY(applies_to_target);
+    SELECT COUNT(*) INTO buch_already
+      FROM paliad.deadline_rules
+     WHERE proceeding_type_id = upc_apl_id
+       AND is_active = true
+       AND 'bucheinsicht' = ANY(applies_to_target);
+    IF schad_already > 0 THEN
+        RAISE EXCEPTION '[mig 138] % rules already carry schadensbemessung — partial run?', schad_already;
+    END IF;
+    IF buch_already > 0 THEN
+        RAISE EXCEPTION '[mig 138] % rules already carry bucheinsicht — partial run?', buch_already;
+    END IF;
+
+    RAISE NOTICE '[mig 138] rules to extend with schadensbemessung (merits track):';
+    FOR rec IN
+        SELECT dr.id, dr.rule_code, dr.legal_source, dr.name, dr.applies_to_target
+          FROM paliad.deadline_rules dr
+         WHERE dr.proceeding_type_id = upc_apl_id
+           AND dr.is_active = true
+           AND 'endentscheidung' = ANY(dr.applies_to_target)
+         ORDER BY dr.sequence_order, dr.rule_code NULLS LAST
+    LOOP
+        RAISE NOTICE '[mig 138]   merits  %  %  %  pre=%  →  post=%',
+            COALESCE(rec.rule_code, '(no-code)'),
+            COALESCE(rec.legal_source, '(no-source)'),
+            rec.name,
+            rec.applies_to_target,
+            rec.applies_to_target || 'schadensbemessung'::text;
+    END LOOP;
+
+    RAISE NOTICE '[mig 138] rules to extend with bucheinsicht (order track):';
+    FOR rec IN
+        SELECT dr.id, dr.rule_code, dr.legal_source, dr.name, dr.applies_to_target
+          FROM paliad.deadline_rules dr
+         WHERE dr.proceeding_type_id = upc_apl_id
+           AND dr.is_active = true
+           AND 'anordnung' = ANY(dr.applies_to_target)
+         ORDER BY dr.sequence_order, dr.rule_code NULLS LAST
+    LOOP
+        RAISE NOTICE '[mig 138]   order   %  %  %  pre=%  →  post=%',
+            COALESCE(rec.rule_code, '(no-code)'),
+            COALESCE(rec.legal_source, '(no-source)'),
+            rec.name,
+            rec.applies_to_target,
+            rec.applies_to_target || 'bucheinsicht'::text;
+    END LOOP;
+END $$;
+
+-- ---------------------------------------------------------------
+-- 2. Extend applies_to_target.
+--
+-- Narrow WHERE clauses key off upc.apl.unified + existing target +
+-- absence of new target, so the UPDATEs are idempotent in spirit
+-- (the audit block above already RAISE EXCEPTIONed if any row
+-- already had the new value).
+-- ---------------------------------------------------------------
+
+-- 2a. Schadensbemessung := merits track (7 rules expected).
+UPDATE paliad.deadline_rules dr
+   SET applies_to_target = applies_to_target || 'schadensbemessung'::text
+  FROM paliad.proceeding_types pt
+ WHERE pt.id = dr.proceeding_type_id
+   AND pt.code = 'upc.apl.unified'
+   AND dr.is_active = true
+   AND 'endentscheidung' = ANY(dr.applies_to_target)
+   AND NOT ('schadensbemessung' = ANY(dr.applies_to_target));
+
+-- 2b. Bucheinsicht := order track (7 rules expected).
+UPDATE paliad.deadline_rules dr
+   SET applies_to_target = applies_to_target || 'bucheinsicht'::text
+  FROM paliad.proceeding_types pt
+ WHERE pt.id = dr.proceeding_type_id
+   AND pt.code = 'upc.apl.unified'
+   AND dr.is_active = true
+   AND 'anordnung' = ANY(dr.applies_to_target)
+   AND NOT ('bucheinsicht' = ANY(dr.applies_to_target));
+
+-- ---------------------------------------------------------------
+-- 3. Post-migration sanity check.
+--
+-- Hard-fail on any divergence: the two new targets must each cover
+-- 7 rules, the original three targets must be unchanged in count,
+-- and no rule has lost its prior target.
+-- ---------------------------------------------------------------
+
+DO $$
+DECLARE
+    schad_post int;
+    buch_post int;
+    end_post int;
+    anord_post int;
+    cost_post int;
+    target_distribution record;
+BEGIN
+    SELECT COUNT(*) INTO schad_post
+      FROM paliad.deadline_rules dr
+      JOIN paliad.proceeding_types pt ON pt.id = dr.proceeding_type_id
+     WHERE pt.code = 'upc.apl.unified'
+       AND dr.is_active = true
+       AND 'schadensbemessung' = ANY(dr.applies_to_target);
+    SELECT COUNT(*) INTO buch_post
+      FROM paliad.deadline_rules dr
+      JOIN paliad.proceeding_types pt ON pt.id = dr.proceeding_type_id
+     WHERE pt.code = 'upc.apl.unified'
+       AND dr.is_active = true
+       AND 'bucheinsicht' = ANY(dr.applies_to_target);
+    SELECT COUNT(*) INTO end_post
+      FROM paliad.deadline_rules dr
+      JOIN paliad.proceeding_types pt ON pt.id = dr.proceeding_type_id
+     WHERE pt.code = 'upc.apl.unified'
+       AND dr.is_active = true
+       AND 'endentscheidung' = ANY(dr.applies_to_target);
+    SELECT COUNT(*) INTO anord_post
+      FROM paliad.deadline_rules dr
+      JOIN paliad.proceeding_types pt ON pt.id = dr.proceeding_type_id
+     WHERE pt.code = 'upc.apl.unified'
+       AND dr.is_active = true
+       AND 'anordnung' = ANY(dr.applies_to_target);
+    SELECT COUNT(*) INTO cost_post
+      FROM paliad.deadline_rules dr
+      JOIN paliad.proceeding_types pt ON pt.id = dr.proceeding_type_id
+     WHERE pt.code = 'upc.apl.unified'
+       AND dr.is_active = true
+       AND 'kostenentscheidung' = ANY(dr.applies_to_target);
+
+    RAISE NOTICE '[mig 138] post: schadensbemessung=%  bucheinsicht=%  endentscheidung=%  anordnung=%  kostenentscheidung=%',
+        schad_post, buch_post, end_post, anord_post, cost_post;
+
+    IF schad_post <> 7 THEN
+        RAISE EXCEPTION '[mig 138] FAILED — expected 7 schadensbemessung rules, got %', schad_post;
+    END IF;
+    IF buch_post <> 7 THEN
+        RAISE EXCEPTION '[mig 138] FAILED — expected 7 bucheinsicht rules, got %', buch_post;
+    END IF;
+    IF end_post <> 7 THEN
+        RAISE EXCEPTION '[mig 138] FAILED — endentscheidung count drifted: expected 7, got %', end_post;
+    END IF;
+    IF anord_post <> 7 THEN
+        RAISE EXCEPTION '[mig 138] FAILED — anordnung count drifted: expected 7, got %', anord_post;
+    END IF;
+    IF cost_post <> 2 THEN
+        RAISE EXCEPTION '[mig 138] FAILED — kostenentscheidung count drifted: expected 2, got %', cost_post;
+    END IF;
+
+    FOR target_distribution IN
+        SELECT unnest(applies_to_target) AS target, COUNT(*) AS n
+          FROM paliad.deadline_rules dr
+          JOIN paliad.proceeding_types pt ON pt.id = dr.proceeding_type_id
+         WHERE pt.code = 'upc.apl.unified' AND dr.is_active = true
+         GROUP BY unnest(applies_to_target)
+         ORDER BY 1
+    LOOP
+        RAISE NOTICE '[mig 138] post: applies_to_target=%  count=%',
+            target_distribution.target, target_distribution.n;
+    END LOOP;
+END $$;

internal/db/migrations/139_deadline_rules_unified_view.down.sql

@@ -0,0 +1,7 @@
+-- 139_deadline_rules_unified_view (down) — Slice B.3, t-paliad-305
+--
+-- Drops the view. The underlying paliad.sequencing_rules /
+-- procedural_events / legal_sources tables are untouched (they own the
+-- data — the view is just a projection).
+
+DROP VIEW IF EXISTS paliad.deadline_rules_unified;

internal/db/migrations/139_deadline_rules_unified_view.up.sql

@@ -0,0 +1,122 @@
+-- 139_deadline_rules_unified_view — Slice B.3 read cutover (t-paliad-305 / m/paliad#93)
+--
+-- Creates paliad.deadline_rules_unified — a Postgres VIEW that
+-- re-projects paliad.sequencing_rules + paliad.procedural_events +
+-- paliad.legal_sources back into the legacy paliad.deadline_rules
+-- column shape.
+--
+-- Why a view instead of rewriting every SELECT in Go:
+--
+--   - 19 read sites across 11 service files reference
+--     paliad.deadline_rules. Rewriting each by hand multiplies the
+--     opportunity for off-by-one bugs in the JOIN.
+--   - The view has the same column names + types as the legacy table,
+--     so the change in Go is a 1-token substitution per query
+--     (FROM paliad.deadline_rules → FROM paliad.deadline_rules_unified)
+--     with no struct or scanner changes.
+--   - When B.4 drops paliad.deadline_rules, this view stays — it
+--     becomes the canonical legacy-shape reader for any code that
+--     hasn't been migrated to direct sr/pe/ls reads.
+--
+-- Column mapping (per design §4.2):
+--   - id, proceeding_type_id, parent_id, primary_party, duration_*,
+--     timing, sequence_order, is_spawn/court_set/bilateral, priority,
+--     rule_code, rule_codes, deadline_notes(_en), condition_expr,
+--     choices_offered, applies_to_target, trigger_event_id,
+--     spawn_proceeding_type_id, anchor_alt, alt_duration_*,
+--     alt_rule_code, combine_op, lifecycle_state, draft_of,
+--     published_at, is_active, created_at, updated_at, spawn_label
+--       → from paliad.sequencing_rules
+--   - submission_code           → procedural_events.code
+--   - name, name_en, description→ procedural_events
+--   - event_type                → procedural_events.event_kind (renamed)
+--   - concept_id                → procedural_events
+--   - legal_source              → legal_sources.citation (via legal_source_id FK)
+--
+-- The view is READ-ONLY by default. Writes still go to the underlying
+-- tables — RuleEditorService is refactored in the same slice to write
+-- directly to sr/pe/ls. paliad.deadline_rules is FROZEN from B.3 onward
+-- (no new writes); the dual-write helper from B.2 is decommissioned.
+
+-- The CHECK constraint on sequencing_rules.primary_party doesn't exist
+-- yet (mig 135 only constrained deadline_rules.primary_party). The view
+-- inherits whatever value sr.primary_party carries; mig 136's backfill
+-- set sr.primary_party = dr.primary_party so the canonical four-value
+-- vocab is already in place. A later slice can add the same CHECK to
+-- sequencing_rules itself.
+
+CREATE OR REPLACE VIEW paliad.deadline_rules_unified AS
+SELECT
+    sr.id,
+    sr.proceeding_type_id,
+    sr.parent_id,
+    pe.code                    AS submission_code,
+    pe.name,
+    pe.name_en,
+    pe.description,
+    sr.primary_party,
+    pe.event_kind              AS event_type,
+    sr.duration_value,
+    sr.duration_unit,
+    sr.timing,
+    sr.alt_duration_value,
+    sr.alt_duration_unit,
+    sr.alt_rule_code,
+    sr.anchor_alt,
+    sr.combine_op,
+    sr.rule_code,
+    sr.deadline_notes,
+    sr.deadline_notes_en,
+    sr.sequence_order,
+    sr.is_spawn,
+    sr.spawn_label,
+    sr.spawn_proceeding_type_id,
+    sr.is_bilateral,
+    sr.is_court_set,
+    sr.priority,
+    sr.condition_expr,
+    pe.concept_id,
+    ls.citation                AS legal_source,
+    sr.trigger_event_id,
+    sr.rule_codes,
+    sr.choices_offered,
+    sr.applies_to_target,
+    sr.lifecycle_state,
+    sr.draft_of,
+    sr.published_at,
+    sr.is_active,
+    sr.created_at,
+    sr.updated_at
+  FROM paliad.sequencing_rules sr
+  JOIN paliad.procedural_events pe ON pe.id = sr.procedural_event_id
+  LEFT JOIN paliad.legal_sources  ls ON ls.id = pe.legal_source_id;
+
+COMMENT ON VIEW paliad.deadline_rules_unified IS
+    'Slice B.3 (mig 139, t-paliad-305): legacy-shape projection over '
+    'sequencing_rules + procedural_events + legal_sources. Read-only — '
+    'writes go directly to the three underlying tables via '
+    'RuleEditorService. Survives B.4 destructive drop of '
+    'paliad.deadline_rules; the view will then be the only '
+    'legacy-shape reader.';
+
+-- Post-apply integrity check: confirm the view's row count matches the
+-- live sequencing_rules row count. A mismatch would indicate either a
+-- mid-deploy race (rare) or a JOIN issue (the LEFT JOIN to legal_sources
+-- never drops rows, the INNER JOIN to procedural_events drops sr rows
+-- whose procedural_event_id is NULL — but that column is NOT NULL on
+-- the table so it can't happen). Belt-and-braces.
+DO $$
+DECLARE
+    v_view_count int;
+    v_sr_count   int;
+BEGIN
+    SELECT COUNT(*) INTO v_view_count FROM paliad.deadline_rules_unified;
+    SELECT COUNT(*) INTO v_sr_count   FROM paliad.sequencing_rules;
+    IF v_view_count <> v_sr_count THEN
+        RAISE EXCEPTION '[mig 139] FAILED POST: view row count % does not match sequencing_rules row count %. '
+            'Possible cause: a sequencing_rules row references a procedural_event_id that does not exist (NOT NULL FK should prevent this).',
+            v_view_count, v_sr_count;
+    END IF;
+    RAISE NOTICE '[mig 139] view OK — deadline_rules_unified rows = % (= sequencing_rules)',
+        v_view_count;
+END $$;

internal/db/migrations/145_scenarios.down.sql

@@ -0,0 +1,13 @@
+-- 145_scenarios — DOWN
+--
+-- Reverses mig 145. Drops the FK on paliad.projects, the table, the
+-- trigger function, and the RLS policies (CASCADE on table drop kills
+-- policies). Any data in paliad.scenarios is lost on down.
+
+ALTER TABLE paliad.projects
+    DROP COLUMN IF EXISTS active_scenario_id;
+
+DROP TRIGGER IF EXISTS scenarios_touch_updated_at_trg ON paliad.scenarios;
+DROP FUNCTION IF EXISTS paliad.scenarios_touch_updated_at();
+
+DROP TABLE IF EXISTS paliad.scenarios CASCADE;

internal/db/migrations/145_scenarios.up.sql

@@ -0,0 +1,170 @@
+-- 145_scenarios — Slice D, m/paliad#124 §5 (revised)
+--
+-- Creates paliad.scenarios + paliad.projects.active_scenario_id FK.
+-- A scenario is a named composition of existing proceedings + flags
+-- + per-card choices + anchor dates the user can switch between for
+-- a project (project_id NOT NULL) OR save as an abstract template on
+-- /tools/verfahrensablauf (project_id IS NULL).
+--
+-- m's 2026-05-26 picks (AskUserQuestion round, doc commit 6e58595):
+--   Q1: composition shape  → primary+spawned (v1); multi-proceeding
+--                            peer compose is the v2 goal. spec.jsonb
+--                            architected for N entries from day 1.
+--   Q2: scope              → per-project + abstract.
+--   Q3: trigger dates      → per-anchor overrides over one base date.
+--   Q4: storage            → NEW paliad.scenarios table with jsonb
+--                            spec (NOT a project_event_choices column
+--                            extension).
+--
+-- "users should not add their own rules" (m, t-paliad-301) — scenarios
+-- compose existing rules, never author new ones. spec.proceedings[*].code
+-- must resolve to an existing active paliad.proceeding_types row;
+-- spec.proceedings[*].anchor_overrides keys must resolve to existing
+-- submission_codes. Validation happens at the application layer
+-- (ScenarioService.validateSpec) — not in DB CHECK constraints (too
+-- expensive to express in pure SQL).
+--
+-- Migration number: 145. Coordination check 2026-05-26 17:38: curie's
+-- B.2-B.6 migrations land in the 139-143 range. 144 reserved as buffer.
+-- 145 is the next safe claim.
+--
+-- ADDITIVE ONLY: CREATE TABLE, ALTER ADD COLUMN, indexes, RLS policies.
+-- Down drops everything. No backfill (zero existing scenarios on day 1).
+--
+-- See docs/design-litigation-planner-2026-05-26.md §5 + §18.4 for the
+-- design.
+
+-- ---------------------------------------------------------------
+-- 1. The scenarios table
+-- ---------------------------------------------------------------
+
+CREATE TABLE paliad.scenarios (
+    id          uuid PRIMARY KEY DEFAULT gen_random_uuid(),
+    -- project_id NULL = abstract scenario (saved Verfahrensablauf
+    -- template, no Akte). project_id NOT NULL = scenario attached to
+    -- a real Akte.
+    project_id  uuid NULL REFERENCES paliad.projects(id) ON DELETE CASCADE,
+    name        text NOT NULL,
+    description text NULL,
+    -- spec carries the full composition. Shape documented in the
+    -- design doc §5; the application validates structure before write.
+    spec        jsonb NOT NULL,
+    created_by  uuid NULL REFERENCES paliad.users(id) ON DELETE SET NULL,
+    created_at  timestamptz NOT NULL DEFAULT now(),
+    updated_at  timestamptz NOT NULL DEFAULT now(),
+
+    -- Within a single project, scenario names are unique. Abstract
+    -- scenarios are unique per (created_by, name) so two users can
+    -- each keep a "with_ccr" template without colliding. NULLS NOT
+    -- DISTINCT means a single user can have one "name" per
+    -- (project_id, created_by) tuple, where NULL project_id +
+    -- NULL created_by is a single global namespace (used only by
+    -- seed / system scenarios — none today).
+    CONSTRAINT scenarios_unique_per_scope
+        UNIQUE NULLS NOT DISTINCT (project_id, created_by, name),
+
+    -- Non-empty name.
+    CONSTRAINT scenarios_name_nonempty CHECK (char_length(name) > 0),
+
+    -- Non-empty spec — at least an object. The application checks
+    -- structure (version, proceedings[], base_trigger_date format).
+    CONSTRAINT scenarios_spec_object CHECK (jsonb_typeof(spec) = 'object')
+);
+
+CREATE INDEX scenarios_project_id_idx
+    ON paliad.scenarios(project_id) WHERE project_id IS NOT NULL;
+
+CREATE INDEX scenarios_abstract_user_idx
+    ON paliad.scenarios(created_by) WHERE project_id IS NULL;
+
+COMMENT ON TABLE paliad.scenarios IS
+    'Named compositions of existing proceedings + flags + per-card '
+    'choices + anchor dates. project_id NULL = abstract template; '
+    'project_id NOT NULL = attached to an Akte. Design: '
+    'docs/design-litigation-planner-2026-05-26.md §5. (Slice D)';
+
+COMMENT ON COLUMN paliad.scenarios.spec IS
+    'jsonb composition spec. Shape: {version: int, base_trigger_date: '
+    'ISO date, proceedings: [{code, role, flags[], per_card_choices, '
+    'anchor_overrides, skip_rules[]}, ...]}. Validated at write-time '
+    'by ScenarioService.validateSpec.';
+
+-- ---------------------------------------------------------------
+-- 2. paliad.projects.active_scenario_id FK
+--
+-- NULL = use today's ad-hoc per-card choice state from
+-- paliad.project_event_choices (pre-scenario behaviour preserved).
+-- Non-NULL = the project's current SmartTimeline / Akte-Fristenrechner
+-- render reads from this scenario's spec instead.
+-- ---------------------------------------------------------------
+
+ALTER TABLE paliad.projects
+    ADD COLUMN active_scenario_id uuid NULL
+        REFERENCES paliad.scenarios(id) ON DELETE SET NULL;
+
+COMMENT ON COLUMN paliad.projects.active_scenario_id IS
+    'FK to paliad.scenarios. NULL = read choices from '
+    'paliad.project_event_choices (legacy). Non-NULL = read from the '
+    'pointed scenario.spec.';
+
+-- ---------------------------------------------------------------
+-- 3. RLS — mirror paliad.project_event_choices's pattern (mig 129).
+--
+-- Project-scoped scenarios (project_id NOT NULL) inherit team visibility
+-- via paliad.can_see_project. Abstract scenarios (project_id IS NULL)
+-- are private to created_by — only the author can read / write them.
+-- ---------------------------------------------------------------
+
+ALTER TABLE paliad.scenarios ENABLE ROW LEVEL SECURITY;
+
+-- Project-scoped: team visibility.
+DROP POLICY IF EXISTS scenarios_project_select ON paliad.scenarios;
+CREATE POLICY scenarios_project_select ON paliad.scenarios
+    FOR SELECT
+    USING (project_id IS NOT NULL AND paliad.can_see_project(project_id));
+
+DROP POLICY IF EXISTS scenarios_project_mutate ON paliad.scenarios;
+CREATE POLICY scenarios_project_mutate ON paliad.scenarios
+    FOR ALL
+    USING (project_id IS NOT NULL AND paliad.can_see_project(project_id))
+    WITH CHECK (project_id IS NOT NULL AND paliad.can_see_project(project_id));
+
+-- Abstract: owner-only.
+DROP POLICY IF EXISTS scenarios_abstract_select ON paliad.scenarios;
+CREATE POLICY scenarios_abstract_select ON paliad.scenarios
+    FOR SELECT
+    USING (project_id IS NULL AND created_by = auth.uid());
+
+DROP POLICY IF EXISTS scenarios_abstract_mutate ON paliad.scenarios;
+CREATE POLICY scenarios_abstract_mutate ON paliad.scenarios
+    FOR ALL
+    USING (project_id IS NULL AND created_by = auth.uid())
+    WITH CHECK (project_id IS NULL AND created_by = auth.uid());
+
+-- ---------------------------------------------------------------
+-- 4. updated_at trigger (mirrors other paliad tables that carry
+-- updated_at — keep it in lockstep with row mutations).
+-- ---------------------------------------------------------------
+
+CREATE OR REPLACE FUNCTION paliad.scenarios_touch_updated_at()
+    RETURNS trigger AS $$
+BEGIN
+    NEW.updated_at = now();
+    RETURN NEW;
+END;
+$$ LANGUAGE plpgsql;
+
+CREATE TRIGGER scenarios_touch_updated_at_trg
+    BEFORE UPDATE ON paliad.scenarios
+    FOR EACH ROW
+    EXECUTE FUNCTION paliad.scenarios_touch_updated_at();
+
+-- ---------------------------------------------------------------
+-- 5. Informational NOTICE — schema-only migration, zero rows added.
+-- ---------------------------------------------------------------
+
+DO $$
+BEGIN
+    RAISE NOTICE '[mig 145] paliad.scenarios created (0 rows; awaits API usage)';
+    RAISE NOTICE '[mig 145] paliad.projects.active_scenario_id added (all rows NULL initially)';
+END $$;

internal/handlers/handlers.go

@@ -120,6 +120,11 @@ type Services struct {
 	// the Verfahrensablauf timeline.
 	EventChoice *services.EventChoiceService
 
+	// Slice D (m/paliad#124 §5, mig 145) — named scenario compositions
+	// per project or as abstract templates. Nil when DATABASE_URL is
+	// unset; the /api/scenarios routes return 503 in that case.
+	Scenario *services.ScenarioService
+
 	// Paliadin is wired when DATABASE_URL is set. The concrete backend
 	// is picked in cmd/server/main.go based on PALIADIN_REMOTE_HOST
 	// (remote → mRiver via SSH) or local tmux availability. Stays nil
@@ -184,6 +189,7 @@ func Register(mux *http.ServeMux, client *auth.Client, giteaAPIToken string, svc
 			backup:          svc.Backup,
 			submissionDraft: svc.SubmissionDraft,
 			eventChoice:     svc.EventChoice,
+			scenario:        svc.Scenario,
 		}
 	}
 
@@ -446,6 +452,15 @@ func Register(mux *http.ServeMux, client *auth.Client, giteaAPIToken string, svc
 	protected.HandleFunc("PUT /api/projects/{id}/event-choices", handlePutProjectEventChoice)
 	protected.HandleFunc("DELETE /api/projects/{id}/event-choices/{submission_code}/{choice_kind}", handleDeleteProjectEventChoice)
 
+	// Slice D (m/paliad#124 §5, mig 145) — named scenario compositions
+	// per project or as abstract templates on /tools/verfahrensablauf.
+	protected.HandleFunc("GET /api/scenarios", handleScenariosList)
+	protected.HandleFunc("GET /api/scenarios/{id}", handleScenarioGet)
+	protected.HandleFunc("POST /api/scenarios", handleScenarioCreate)
+	protected.HandleFunc("PATCH /api/scenarios/{id}", handleScenarioPatch)
+	protected.HandleFunc("DELETE /api/scenarios/{id}", handleScenarioDelete)
+	protected.HandleFunc("PUT /api/projects/{id}/active-scenario", handleSetActiveScenario)
+
 	// Partner units (structural partner-led units; legacy "Dezernate").
 	protected.HandleFunc("GET /api/partner-units", handleListPartnerUnits)
 	protected.HandleFunc("POST /api/partner-units", handleCreatePartnerUnit)

internal/handlers/projects.go

@@ -71,6 +71,9 @@ type dbServices struct {
 
 	// t-paliad-265 — per-event-card optional choices.
 	eventChoice *services.EventChoiceService
+
+	// Slice D — named scenario compositions (m/paliad#124 §5).
+	scenario *services.ScenarioService
 }
 
 var dbSvc *dbServices

internal/handlers/scenarios.go

@@ -0,0 +1,216 @@
+package handlers
+
+import (
+	"encoding/json"
+	"errors"
+	"net/http"
+
+	"github.com/google/uuid"
+
+	"mgit.msbls.de/m/paliad/internal/services"
+	lp "mgit.msbls.de/m/paliad/pkg/litigationplanner"
+)
+
+// Slice D (m/paliad#124 §5, mig 145) — REST endpoints for paliad.scenarios.
+//
+// Routes (registered in handlers.go):
+//
+//	GET    /api/scenarios?project=<id>     — list project's scenarios
+//	GET    /api/scenarios?abstract=true    — list caller's abstract scenarios
+//	GET    /api/scenarios/{id}             — fetch one
+//	POST   /api/scenarios                  — create
+//	PATCH  /api/scenarios/{id}             — partial update
+//	PUT    /api/projects/{id}/active-scenario  — set/clear active scenario
+//	DELETE /api/scenarios/{id}             — remove
+//
+// All endpoints require auth; visibility is enforced by
+// ScenarioService.requireProjectVisible / requireVisible.
+
+func requireScenarioService(w http.ResponseWriter) bool {
+	if dbSvc == nil || dbSvc.scenario == nil {
+		writeJSON(w, http.StatusServiceUnavailable, map[string]string{
+			"error": "Szenarien sind vorübergehend nicht verfügbar (keine Datenbank).",
+		})
+		return false
+	}
+	return true
+}
+
+// scenarioErrorToStatus maps service errors to HTTP statuses. Mirrors
+// the patterns in projects.go and event_choices.go.
+func scenarioErrorToStatus(err error) (int, string) {
+	switch {
+	case errors.Is(err, lp.ErrUnknownScenario), errors.Is(err, services.ErrScenarioNotVisible):
+		return http.StatusNotFound, "Szenario nicht gefunden"
+	case errors.Is(err, services.ErrInvalidInput), errors.Is(err, lp.ErrInvalidScenario), errors.Is(err, lp.ErrScenarioNoPrimary):
+		return http.StatusBadRequest, err.Error()
+	}
+	return http.StatusInternalServerError, err.Error()
+}
+
+// handleScenariosList — GET /api/scenarios?project=<uuid> OR ?abstract=true.
+func handleScenariosList(w http.ResponseWriter, r *http.Request) {
+	if !requireScenarioService(w) {
+		return
+	}
+	uid, ok := requireUser(w, r)
+	if !ok {
+		return
+	}
+
+	abstract := r.URL.Query().Get("abstract") == "true"
+	projectStr := r.URL.Query().Get("project")
+	switch {
+	case abstract:
+		out, err := dbSvc.scenario.ListAbstractForUser(r.Context(), uid)
+		if err != nil {
+			status, msg := scenarioErrorToStatus(err)
+			writeJSON(w, status, map[string]string{"error": msg})
+			return
+		}
+		writeJSON(w, http.StatusOK, out)
+	case projectStr != "":
+		pid, err := uuid.Parse(projectStr)
+		if err != nil {
+			writeJSON(w, http.StatusBadRequest, map[string]string{"error": "ungültige project ID"})
+			return
+		}
+		out, err := dbSvc.scenario.ListForProject(r.Context(), uid, pid)
+		if err != nil {
+			status, msg := scenarioErrorToStatus(err)
+			writeJSON(w, status, map[string]string{"error": msg})
+			return
+		}
+		writeJSON(w, http.StatusOK, out)
+	default:
+		writeJSON(w, http.StatusBadRequest, map[string]string{
+			"error": "?project=<uuid> oder ?abstract=true erforderlich",
+		})
+	}
+}
+
+// handleScenarioGet — GET /api/scenarios/{id}.
+func handleScenarioGet(w http.ResponseWriter, r *http.Request) {
+	if !requireScenarioService(w) {
+		return
+	}
+	uid, ok := requireUser(w, r)
+	if !ok {
+		return
+	}
+	id, err := uuid.Parse(r.PathValue("id"))
+	if err != nil {
+		writeJSON(w, http.StatusBadRequest, map[string]string{"error": "ungültige ID"})
+		return
+	}
+	out, err := dbSvc.scenario.Get(r.Context(), uid, id)
+	if err != nil {
+		status, msg := scenarioErrorToStatus(err)
+		writeJSON(w, status, map[string]string{"error": msg})
+		return
+	}
+	writeJSON(w, http.StatusOK, out)
+}
+
+// handleScenarioCreate — POST /api/scenarios.
+func handleScenarioCreate(w http.ResponseWriter, r *http.Request) {
+	if !requireScenarioService(w) {
+		return
+	}
+	uid, ok := requireUser(w, r)
+	if !ok {
+		return
+	}
+	var input services.CreateScenarioInput
+	if err := json.NewDecoder(r.Body).Decode(&input); err != nil {
+		writeJSON(w, http.StatusBadRequest, map[string]string{"error": "ungültige Anfrage"})
+		return
+	}
+	out, err := dbSvc.scenario.Create(r.Context(), uid, input)
+	if err != nil {
+		status, msg := scenarioErrorToStatus(err)
+		writeJSON(w, status, map[string]string{"error": msg})
+		return
+	}
+	writeJSON(w, http.StatusCreated, out)
+}
+
+// handleScenarioPatch — PATCH /api/scenarios/{id}.
+func handleScenarioPatch(w http.ResponseWriter, r *http.Request) {
+	if !requireScenarioService(w) {
+		return
+	}
+	uid, ok := requireUser(w, r)
+	if !ok {
+		return
+	}
+	id, err := uuid.Parse(r.PathValue("id"))
+	if err != nil {
+		writeJSON(w, http.StatusBadRequest, map[string]string{"error": "ungültige ID"})
+		return
+	}
+	var input services.PatchScenarioInput
+	if err := json.NewDecoder(r.Body).Decode(&input); err != nil {
+		writeJSON(w, http.StatusBadRequest, map[string]string{"error": "ungültige Anfrage"})
+		return
+	}
+	out, err := dbSvc.scenario.Patch(r.Context(), uid, id, input)
+	if err != nil {
+		status, msg := scenarioErrorToStatus(err)
+		writeJSON(w, status, map[string]string{"error": msg})
+		return
+	}
+	writeJSON(w, http.StatusOK, out)
+}
+
+// handleScenarioDelete — DELETE /api/scenarios/{id}.
+func handleScenarioDelete(w http.ResponseWriter, r *http.Request) {
+	if !requireScenarioService(w) {
+		return
+	}
+	uid, ok := requireUser(w, r)
+	if !ok {
+		return
+	}
+	id, err := uuid.Parse(r.PathValue("id"))
+	if err != nil {
+		writeJSON(w, http.StatusBadRequest, map[string]string{"error": "ungültige ID"})
+		return
+	}
+	if err := dbSvc.scenario.Delete(r.Context(), uid, id); err != nil {
+		status, msg := scenarioErrorToStatus(err)
+		writeJSON(w, status, map[string]string{"error": msg})
+		return
+	}
+	w.WriteHeader(http.StatusNoContent)
+}
+
+// handleSetActiveScenario — PUT /api/projects/{id}/active-scenario.
+// Body: {"scenario_id": "<uuid>"} or {"scenario_id": null} to clear.
+func handleSetActiveScenario(w http.ResponseWriter, r *http.Request) {
+	if !requireScenarioService(w) {
+		return
+	}
+	uid, ok := requireUser(w, r)
+	if !ok {
+		return
+	}
+	pid, err := uuid.Parse(r.PathValue("id"))
+	if err != nil {
+		writeJSON(w, http.StatusBadRequest, map[string]string{"error": "ungültige project ID"})
+		return
+	}
+	var body struct {
+		ScenarioID *uuid.UUID `json:"scenario_id"`
+	}
+	if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
+		writeJSON(w, http.StatusBadRequest, map[string]string{"error": "ungültige Anfrage"})
+		return
+	}
+	if err := dbSvc.scenario.SetActive(r.Context(), uid, pid, body.ScenarioID); err != nil {
+		status, msg := scenarioErrorToStatus(err)
+		writeJSON(w, status, map[string]string{"error": msg})
+		return
+	}
+	w.WriteHeader(http.StatusNoContent)
+}

internal/handlers/submissions.go

@@ -200,7 +200,7 @@ func loadSubmissionCatalog(ctx context.Context, projectProceedingTypeID *int) ([
 		        pt.code                AS proceeding_code,
 		        pt.name                AS proceeding_name,
 		        pt.name_en             AS proceeding_name_en
-		   FROM paliad.deadline_rules dr
+		   FROM paliad.deadline_rules_unified dr
 		   JOIN paliad.proceeding_types pt ON pt.id = dr.proceeding_type_id
 		  WHERE dr.is_active = true
 		    AND dr.lifecycle_state = 'published'

internal/services/deadline_rule_service.go

@@ -40,7 +40,9 @@ const ruleColumns = `id, proceeding_type_id, parent_id, submission_code, name, n
 const proceedingTypeColumns = `id, code, name, name_en, description, jurisdiction,
 	category, default_color, sort_order, is_active,
 	trigger_event_label_de, trigger_event_label_en,
-	appeal_target`
+	appeal_target,
+	role_proactive_label_de, role_proactive_label_en,
+	role_reactive_label_de,  role_reactive_label_en`
 
 // List returns active rules, optionally filtered by proceeding type.
 // Each row has ConceptDefaultEventTypeID hydrated from
@@ -53,13 +55,13 @@ func (s *DeadlineRuleService) List(ctx context.Context, proceedingTypeID *int) (
 	if proceedingTypeID != nil {
 		err = s.db.SelectContext(ctx, &rules,
 			`SELECT `+ruleColumns+`
-			   FROM paliad.deadline_rules
+			   FROM paliad.deadline_rules_unified
 			  WHERE proceeding_type_id = $1 AND is_active = true
 			  ORDER BY sequence_order`, *proceedingTypeID)
 	} else {
 		err = s.db.SelectContext(ctx, &rules,
 			`SELECT `+ruleColumns+`
-			   FROM paliad.deadline_rules
+			   FROM paliad.deadline_rules_unified
 			  WHERE is_active = true
 			  ORDER BY proceeding_type_id, sequence_order`)
 	}
@@ -98,7 +100,7 @@ func (s *DeadlineRuleService) hydrateConceptDefaultEventTypes(ctx context.Contex
 	}
 	query, args, err := sqlx.In(
 		`SELECT dr.id AS rule_id, j.event_type_id
-		   FROM paliad.deadline_rules dr
+		   FROM paliad.deadline_rules_unified dr
 		   JOIN paliad.proceeding_types pt ON pt.id = dr.proceeding_type_id
 		   JOIN paliad.deadline_concept_event_types j
 		         ON j.concept_id = dr.concept_id
@@ -150,7 +152,7 @@ func (s *DeadlineRuleService) GetRuleTree(ctx context.Context, proceedingTypeCod
 	var rules []models.DeadlineRule
 	if err := s.db.SelectContext(ctx, &rules,
 		`SELECT `+ruleColumns+`
-		   FROM paliad.deadline_rules
+		   FROM paliad.deadline_rules_unified
 		  WHERE proceeding_type_id = $1 AND is_active = true
 		  ORDER BY sequence_order`, pt.ID); err != nil {
 		return nil, fmt.Errorf("list rules for %q: %w", proceedingTypeCode, err)
@@ -173,10 +175,10 @@ func (s *DeadlineRuleService) GetFullTimeline(ctx context.Context, proceedingTyp
 	var rules []models.DeadlineRule
 	err := s.db.SelectContext(ctx, &rules, `
 		WITH RECURSIVE tree AS (
-			SELECT * FROM paliad.deadline_rules
+			SELECT * FROM paliad.deadline_rules_unified
 			 WHERE proceeding_type_id = $1 AND parent_id IS NULL AND is_active = true
 			UNION ALL
-			SELECT dr.* FROM paliad.deadline_rules dr
+			SELECT dr.* FROM paliad.deadline_rules_unified dr
 			JOIN tree t ON dr.parent_id = t.id
 			WHERE dr.is_active = true
 		)
@@ -194,7 +196,7 @@ func (s *DeadlineRuleService) GetByIDs(ctx context.Context, ids []uuid.UUID) ([]
 	}
 	query, args, err := sqlx.In(
 		`SELECT `+ruleColumns+`
-		   FROM paliad.deadline_rules
+		   FROM paliad.deadline_rules_unified
 		  WHERE id IN (?) AND is_active = true
 		  ORDER BY sequence_order`, ids)
 	if err != nil {
@@ -262,7 +264,7 @@ func (s *DeadlineRuleService) ListByTriggerEvent(ctx context.Context, triggerEve
 	var rules []models.DeadlineRule
 	if err := s.db.SelectContext(ctx, &rules,
 		`SELECT `+ruleColumns+`
-		   FROM paliad.deadline_rules
+		   FROM paliad.deadline_rules_unified
 		  WHERE trigger_event_id = $1
 		    AND is_active = true
 		  ORDER BY sequence_order`, triggerEventID); err != nil {
@@ -290,7 +292,7 @@ func (s *DeadlineRuleService) ListByProceedingTypeIDs(ctx context.Context, ids [
 	}
 	query, args, err := sqlx.In(
 		`SELECT `+ruleColumns+`
-		   FROM paliad.deadline_rules
+		   FROM paliad.deadline_rules_unified
 		  WHERE proceeding_type_id IN (?)
 		    AND is_active = true
 		  ORDER BY proceeding_type_id, sequence_order`, ids)
@@ -325,7 +327,7 @@ func (s *DeadlineRuleService) ListByConcept(ctx context.Context, conceptID uuid.
 	var rules []models.DeadlineRule
 	if err := s.db.SelectContext(ctx, &rules,
 		`SELECT `+ruleColumns+`
-		   FROM paliad.deadline_rules
+		   FROM paliad.deadline_rules_unified
 		  WHERE concept_id = $1
 		    AND is_active = true
 		  ORDER BY proceeding_type_id NULLS LAST, sequence_order`, conceptID); err != nil {

internal/services/deadline_service.go

@@ -272,7 +272,7 @@ func (s *DeadlineService) ListVisibleForUser(ctx context.Context, userID uuid.UU
 		       ar.requester_kind AS requester_kind
 		  FROM paliad.deadlines f
 		  JOIN paliad.projects p ON p.id = f.project_id
-		  LEFT JOIN paliad.deadline_rules r ON r.id = f.rule_id
+		  LEFT JOIN paliad.deadline_rules_unified r ON r.id = f.rule_id
 		  LEFT JOIN paliad.approval_requests ar ON ar.id = f.pending_request_id
 		 WHERE ` + strings.Join(conds, " AND ") + `
 		 ORDER BY f.due_date ASC, f.created_at DESC`
@@ -585,6 +585,16 @@ func (s *DeadlineService) Update(ctx context.Context, userID, deadlineID uuid.UU
 		if _, err := tx.ExecContext(ctx, query, args...); err != nil {
 			return nil, fmt.Errorf("update deadline: %w", err)
 		}
+		// Slice B.2 dual-write (t-paliad-305): if rule_id was in the
+		// patch (auto/custom swap from t-paliad-258), the parallel
+		// procedural_event_id + sequencing_rule_id columns must follow.
+		// Call unconditionally — it's a single UPDATE keyed on
+		// deadlineID and a no-op when rule_id is unchanged.
+		if input.RuleSet {
+			if err := syncDeadlineDualLinks(ctx, tx, deadlineID); err != nil {
+				return nil, err
+			}
+		}
 	}
 
 	if input.EventTypeIDs != nil && s.eventTypes != nil {

internal/services/dual_write.go

@@ -0,0 +1,392 @@
+// Slice B.2 dual-write (t-paliad-305 / m/paliad#93) — keep paliad's
+// new tables (procedural_events / sequencing_rules / legal_sources) in
+// lock-step with the legacy paliad.deadline_rules table during the
+// dual-write window. Mig 136 (Slice B.1) created the new tables and
+// backfilled them once. This file keeps them in sync going forward.
+//
+// Contract:
+//
+//   - Every RuleEditorService method that mutates paliad.deadline_rules
+//     calls syncDualWriteFromDeadlineRule(ctx, tx, id) inside the same
+//     transaction, AFTER the deadline_rules write, BEFORE tx.Commit.
+//   - The sync is idempotent (INSERT … ON CONFLICT … DO UPDATE) so the
+//     same call works for Create (new row), UpdateDraft (existing row),
+//     CloneAsDraft (new row referencing an old row), Publish (lifecycle
+//     flip), Archive/Restore (lifecycle flip), and the published-peer
+//     archive that Publish performs as a cascade.
+//   - The sync re-derives the new-table state from paliad.deadline_rules
+//     in pure SQL — no struct mapping in Go. The legacy table stays the
+//     source of truth during B.2 (B.3 flips reads, B.4 drops it).
+//   - Read paths still read deadline_rules in B.2. The new tables are a
+//     parallel projection kept consistent for B.3's read cutover; they
+//     are not yet authoritative.
+//
+// Why a per-row sync instead of a global trigger:
+//
+//   - The deadline_rules audit trigger (mig 079) reads paliad.audit_reason
+//     to record the rationale on every change. Putting the new-table
+//     write in the same TX preserves that auditability — set_config is
+//     transactional and the new writes share the same reason.
+//   - A Postgres-side AFTER UPDATE trigger on deadline_rules would also
+//     work but it's harder to test in isolation and harder to revert
+//     when B.4 drops the source table. A Go-side sync is reversible
+//     with a code revert; an SQL trigger needs a follow-up migration.
+//
+// The drift-check job (CheckDualWriteDrift below) runs daily and
+// alerts on mismatches. If the sync ever silently misses a row, the
+// drift check surfaces it inside one day.
+//
+// See docs/design-procedural-events-model-2026-05-25.md §5.2 (dual-write
+// phase) and docs/design-procedural-events-b0-findings-2026-05-26.md §7.
+package services
+
+import (
+	"context"
+	"fmt"
+	"log"
+	"time"
+
+	"github.com/google/uuid"
+	"github.com/jmoiron/sqlx"
+)
+
+// syncDualWriteFromDeadlineRule re-projects the deadline_rules row with
+// the given id into legal_sources + procedural_events + sequencing_rules.
+// Runs three UPSERT statements in the open transaction.
+//
+// Synthetic-code rule (for rows where deadline_rules.submission_code is
+// NULL) mirrors mig 136's backfill: 'null.' || first 8 hex chars of the
+// uuid (dashes stripped). This must stay byte-identical to the mig 136
+// expression or the lookup join inside the sequencing_rules UPSERT
+// misses.
+func syncDualWriteFromDeadlineRule(ctx context.Context, tx *sqlx.Tx, id uuid.UUID) error {
+	// 1. legal_sources — UPSERT the citation (no-op if already present).
+	//    jurisdiction is parsed from the first dot-separated segment;
+	//    'other' on empty (paranoid fallback, no live rows hit it).
+	if _, err := tx.ExecContext(ctx, `
+		INSERT INTO paliad.legal_sources (citation, jurisdiction)
+		SELECT dr.legal_source,
+		       COALESCE(NULLIF(split_part(dr.legal_source, '.', 1), ''), 'other')
+		  FROM paliad.deadline_rules dr
+		 WHERE dr.id = $1 AND dr.legal_source IS NOT NULL
+		ON CONFLICT (citation) DO NOTHING`, id); err != nil {
+		return fmt.Errorf("dual-write legal_sources for rule %s: %w", id, err)
+	}
+
+	// 2. procedural_events — UPSERT keyed by code. The code is the
+	//    submission_code if present, else the synthetic 'null.<8hex>'
+	//    minted from the deadline_rules row's id (matches mig 136).
+	//    legal_source_id is resolved by JOIN on legal_sources.citation
+	//    (NULL when the rule has no legal_source).
+	if _, err := tx.ExecContext(ctx, `
+		INSERT INTO paliad.procedural_events
+		    (code, name, name_en, description, event_kind,
+		     primary_party_default, legal_source_id, concept_id,
+		     lifecycle_state, published_at, is_active)
+		SELECT
+		    COALESCE(dr.submission_code,
+		             'null.' || substring(replace(dr.id::text, '-', ''), 1, 8)),
+		    dr.name, dr.name_en, dr.description, dr.event_type,
+		    dr.primary_party, ls.id, dr.concept_id,
+		    dr.lifecycle_state, dr.published_at, dr.is_active
+		  FROM paliad.deadline_rules dr
+		  LEFT JOIN paliad.legal_sources ls ON ls.citation = dr.legal_source
+		 WHERE dr.id = $1
+		ON CONFLICT (code) DO UPDATE SET
+		    name                  = EXCLUDED.name,
+		    name_en               = EXCLUDED.name_en,
+		    description           = EXCLUDED.description,
+		    event_kind            = EXCLUDED.event_kind,
+		    primary_party_default = EXCLUDED.primary_party_default,
+		    legal_source_id       = EXCLUDED.legal_source_id,
+		    concept_id            = EXCLUDED.concept_id,
+		    lifecycle_state       = EXCLUDED.lifecycle_state,
+		    published_at          = EXCLUDED.published_at,
+		    is_active             = EXCLUDED.is_active,
+		    updated_at            = now()`, id); err != nil {
+		return fmt.Errorf("dual-write procedural_events for rule %s: %w", id, err)
+	}
+
+	// 3. sequencing_rules — UPSERT keyed by id (1:1 inheritance from
+	//    deadline_rules.id). procedural_event_id resolved by JOIN on
+	//    the (real or synthetic) code. All hat-3 mechanics columns copy
+	//    1:1 from the deadline_rules row's post-write state.
+	if _, err := tx.ExecContext(ctx, `
+		INSERT INTO paliad.sequencing_rules
+		    (id, procedural_event_id, proceeding_type_id, parent_id, trigger_event_id,
+		     duration_value, duration_unit, timing,
+		     alt_duration_value, alt_duration_unit, alt_rule_code, anchor_alt,
+		     combine_op, condition_expr, primary_party, sequence_order,
+		     is_spawn, spawn_label, spawn_proceeding_type_id,
+		     is_bilateral, is_court_set, priority,
+		     rule_code, rule_codes, deadline_notes, deadline_notes_en,
+		     choices_offered, applies_to_target,
+		     lifecycle_state, draft_of, published_at, is_active,
+		     created_at, updated_at)
+		SELECT
+		    dr.id, pe.id,
+		    dr.proceeding_type_id, dr.parent_id, dr.trigger_event_id,
+		    dr.duration_value, dr.duration_unit, dr.timing,
+		    dr.alt_duration_value, dr.alt_duration_unit, dr.alt_rule_code, dr.anchor_alt,
+		    dr.combine_op, dr.condition_expr, dr.primary_party, dr.sequence_order,
+		    dr.is_spawn, dr.spawn_label, dr.spawn_proceeding_type_id,
+		    dr.is_bilateral, dr.is_court_set, dr.priority,
+		    dr.rule_code, dr.rule_codes, dr.deadline_notes, dr.deadline_notes_en,
+		    dr.choices_offered, dr.applies_to_target,
+		    dr.lifecycle_state, dr.draft_of, dr.published_at, dr.is_active,
+		    dr.created_at, dr.updated_at
+		  FROM paliad.deadline_rules dr
+		  JOIN paliad.procedural_events pe
+		    ON pe.code = COALESCE(dr.submission_code,
+		                          'null.' || substring(replace(dr.id::text, '-', ''), 1, 8))
+		 WHERE dr.id = $1
+		ON CONFLICT (id) DO UPDATE SET
+		    procedural_event_id      = EXCLUDED.procedural_event_id,
+		    proceeding_type_id       = EXCLUDED.proceeding_type_id,
+		    parent_id                = EXCLUDED.parent_id,
+		    trigger_event_id         = EXCLUDED.trigger_event_id,
+		    duration_value           = EXCLUDED.duration_value,
+		    duration_unit            = EXCLUDED.duration_unit,
+		    timing                   = EXCLUDED.timing,
+		    alt_duration_value       = EXCLUDED.alt_duration_value,
+		    alt_duration_unit        = EXCLUDED.alt_duration_unit,
+		    alt_rule_code            = EXCLUDED.alt_rule_code,
+		    anchor_alt               = EXCLUDED.anchor_alt,
+		    combine_op               = EXCLUDED.combine_op,
+		    condition_expr           = EXCLUDED.condition_expr,
+		    primary_party            = EXCLUDED.primary_party,
+		    sequence_order           = EXCLUDED.sequence_order,
+		    is_spawn                 = EXCLUDED.is_spawn,
+		    spawn_label              = EXCLUDED.spawn_label,
+		    spawn_proceeding_type_id = EXCLUDED.spawn_proceeding_type_id,
+		    is_bilateral             = EXCLUDED.is_bilateral,
+		    is_court_set             = EXCLUDED.is_court_set,
+		    priority                 = EXCLUDED.priority,
+		    rule_code                = EXCLUDED.rule_code,
+		    rule_codes               = EXCLUDED.rule_codes,
+		    deadline_notes           = EXCLUDED.deadline_notes,
+		    deadline_notes_en        = EXCLUDED.deadline_notes_en,
+		    choices_offered          = EXCLUDED.choices_offered,
+		    applies_to_target        = EXCLUDED.applies_to_target,
+		    lifecycle_state          = EXCLUDED.lifecycle_state,
+		    draft_of                 = EXCLUDED.draft_of,
+		    published_at             = EXCLUDED.published_at,
+		    is_active                = EXCLUDED.is_active,
+		    updated_at               = now()`, id); err != nil {
+		return fmt.Errorf("dual-write sequencing_rules for rule %s: %w", id, err)
+	}
+
+	return nil
+}
+
+// syncDeadlineDualLinks mirrors a deadline's legacy rule_id back-link
+// onto the new procedural_event_id + sequencing_rule_id columns added
+// by mig 136. Call this within an open transaction AFTER any UPDATE
+// that mutates paliad.deadlines.rule_id (mig 122 introduced rule_id
+// as the deadline→rule FK; today's writers are DeadlineService.Update
+// and RuleEditorService.ResolveOrphan).
+//
+// Idempotent: NULL rule_id collapses both new columns to NULL by virtue
+// of the subquery returning NULL. Slice B.2 (t-paliad-305).
+func syncDeadlineDualLinks(ctx context.Context, tx *sqlx.Tx, deadlineID uuid.UUID) error {
+	if _, err := tx.ExecContext(ctx, `
+		UPDATE paliad.deadlines d
+		   SET sequencing_rule_id  = d.rule_id,
+		       procedural_event_id = (
+		           SELECT sr.procedural_event_id
+		             FROM paliad.sequencing_rules sr
+		            WHERE sr.id = d.rule_id
+		       )
+		 WHERE d.id = $1`, deadlineID); err != nil {
+		return fmt.Errorf("sync deadline dual-links for %s: %w", deadlineID, err)
+	}
+	return nil
+}
+
+// DualWriteDriftReport summarises the comparison between the legacy
+// paliad.deadline_rules table and the new procedural_events /
+// sequencing_rules tables that B.2's dual-write is meant to keep in
+// sync. A zero-drift report (every count delta zero, every join clean)
+// is the steady state during the dual-write window; any non-zero field
+// is the signal that a write path either bypassed
+// syncDualWriteFromDeadlineRule or that an out-of-band mutation
+// happened (e.g. raw SQL run by an operator).
+type DualWriteDriftReport struct {
+	// Counts on the legacy and the projected side.
+	DeadlineRules    int `json:"deadline_rules"`
+	SequencingRules  int `json:"sequencing_rules"`
+	ProceduralEvents int `json:"procedural_events"`
+	LegalSources     int `json:"legal_sources"`
+
+	// Expected (from the legacy side) vs observed (on the new side).
+	ExpectedPE           int `json:"expected_procedural_events"`
+	ExpectedLegalSources int `json:"expected_legal_sources"`
+
+	// MissingSR — deadline_rules rows with no sequencing_rules row by id.
+	// OrphanedSR — sequencing_rules rows whose id doesn't exist in
+	// deadline_rules anymore (would only happen with a deletion path
+	// that bypasses dual-write).
+	MissingSR  int `json:"missing_sequencing_rules"`
+	OrphanedSR int `json:"orphaned_sequencing_rules"`
+
+	// MismatchedLifecycle — rows where deadline_rules.lifecycle_state
+	// disagrees with sequencing_rules.lifecycle_state. Should always be
+	// zero during dual-write.
+	MismatchedLifecycle int `json:"mismatched_lifecycle"`
+
+	// MismatchedActive — same shape, for is_active.
+	MismatchedActive int `json:"mismatched_active"`
+}
+
+// HasDrift returns true if any field signals divergence between the
+// legacy and projected sides. Used by the drift-check ticker to decide
+// whether to log at WARN (drift) or INFO (clean).
+func (r DualWriteDriftReport) HasDrift() bool {
+	if r.SequencingRules != r.DeadlineRules {
+		return true
+	}
+	if r.ProceduralEvents != r.ExpectedPE {
+		return true
+	}
+	if r.LegalSources != r.ExpectedLegalSources {
+		return true
+	}
+	if r.MissingSR != 0 || r.OrphanedSR != 0 {
+		return true
+	}
+	if r.MismatchedLifecycle != 0 || r.MismatchedActive != 0 {
+		return true
+	}
+	return false
+}
+
+// CheckDualWriteDrift compares the legacy paliad.deadline_rules table
+// against the parallel new tables maintained by Slice B.2's dual-write.
+// Returns a DualWriteDriftReport — caller decides what to do with
+// non-zero drift (log, page, fail healthcheck, etc.).
+//
+// Read-only. Safe to run against prod. Single query per metric so the
+// pool isn't held for a long time. No locks; tolerates concurrent
+// writes (counts may shift by one or two during the read, but a
+// persistent drift > 0 is the alarm signal).
+func CheckDualWriteDrift(ctx context.Context, conn *sqlx.DB) (*DualWriteDriftReport, error) {
+	var r DualWriteDriftReport
+
+	q := func(label, sql string, dst *int) error {
+		if err := conn.GetContext(ctx, dst, sql); err != nil {
+			return fmt.Errorf("drift-check %s: %w", label, err)
+		}
+		return nil
+	}
+
+	if err := q("dr_total", `SELECT COUNT(*) FROM paliad.deadline_rules`, &r.DeadlineRules); err != nil {
+		return nil, err
+	}
+	if err := q("sr_total", `SELECT COUNT(*) FROM paliad.sequencing_rules`, &r.SequencingRules); err != nil {
+		return nil, err
+	}
+	if err := q("pe_total", `SELECT COUNT(*) FROM paliad.procedural_events`, &r.ProceduralEvents); err != nil {
+		return nil, err
+	}
+	if err := q("ls_total", `SELECT COUNT(*) FROM paliad.legal_sources`, &r.LegalSources); err != nil {
+		return nil, err
+	}
+
+	if err := q("expected_pe", `
+		SELECT
+		  (SELECT COUNT(DISTINCT submission_code) FROM paliad.deadline_rules WHERE submission_code IS NOT NULL)
+		  +
+		  (SELECT COUNT(*) FROM paliad.deadline_rules WHERE submission_code IS NULL)
+	`, &r.ExpectedPE); err != nil {
+		return nil, err
+	}
+	if err := q("expected_ls",
+		`SELECT COUNT(DISTINCT legal_source) FROM paliad.deadline_rules WHERE legal_source IS NOT NULL`,
+		&r.ExpectedLegalSources); err != nil {
+		return nil, err
+	}
+
+	if err := q("missing_sr", `
+		SELECT COUNT(*) FROM paliad.deadline_rules dr
+		  LEFT JOIN paliad.sequencing_rules sr ON sr.id = dr.id
+		 WHERE sr.id IS NULL`, &r.MissingSR); err != nil {
+		return nil, err
+	}
+	if err := q("orphaned_sr", `
+		SELECT COUNT(*) FROM paliad.sequencing_rules sr
+		  LEFT JOIN paliad.deadline_rules dr ON dr.id = sr.id
+		 WHERE dr.id IS NULL`, &r.OrphanedSR); err != nil {
+		return nil, err
+	}
+
+	if err := q("mismatched_lifecycle", `
+		SELECT COUNT(*) FROM paliad.deadline_rules dr
+		  JOIN paliad.sequencing_rules sr ON sr.id = dr.id
+		 WHERE dr.lifecycle_state <> sr.lifecycle_state`, &r.MismatchedLifecycle); err != nil {
+		return nil, err
+	}
+	if err := q("mismatched_active", `
+		SELECT COUNT(*) FROM paliad.deadline_rules dr
+		  JOIN paliad.sequencing_rules sr ON sr.id = dr.id
+		 WHERE dr.is_active <> sr.is_active`, &r.MismatchedActive); err != nil {
+		return nil, err
+	}
+
+	return &r, nil
+}
+
+// StartDualWriteDriftCheckLoop runs CheckDualWriteDrift on a fixed
+// interval for the lifetime of ctx. A clean run logs at INFO level;
+// drift logs at WARN level with the full report payload. The first
+// check fires after `interval`, not immediately on Start — by the time
+// the ticker first fires the process has finished booting and the
+// initial backfill + dual-write writes have settled.
+//
+// Slice B.2 (t-paliad-305). interval should be short enough to surface
+// drift before the next deploy (so a broken dual-write doesn't sit
+// silent for a week) and long enough to avoid noise (the check holds
+// no locks but it does run nine SELECT COUNTs).
+//
+// Recommended interval: 6h. Override via the caller (cmd/server picks
+// the runtime value).
+func StartDualWriteDriftCheckLoop(ctx context.Context, conn *sqlx.DB, interval time.Duration) {
+	if interval <= 0 {
+		interval = 6 * time.Hour
+	}
+	go func() {
+		t := time.NewTicker(interval)
+		defer t.Stop()
+		for {
+			select {
+			case <-ctx.Done():
+				return
+			case <-t.C:
+				report, err := CheckDualWriteDrift(ctx, conn)
+				if err != nil {
+					log.Printf("dual-write drift-check: error: %v", err)
+					continue
+				}
+				if report.HasDrift() {
+					log.Printf("dual-write drift-check: DRIFT DETECTED — "+
+						"deadline_rules=%d sequencing_rules=%d "+
+						"procedural_events=%d (expected %d) "+
+						"legal_sources=%d (expected %d) "+
+						"missing_sr=%d orphaned_sr=%d "+
+						"mismatched_lifecycle=%d mismatched_active=%d",
+						report.DeadlineRules, report.SequencingRules,
+						report.ProceduralEvents, report.ExpectedPE,
+						report.LegalSources, report.ExpectedLegalSources,
+						report.MissingSR, report.OrphanedSR,
+						report.MismatchedLifecycle, report.MismatchedActive)
+				} else {
+					log.Printf("dual-write drift-check: OK — "+
+						"deadline_rules=%d sequencing_rules=%d "+
+						"procedural_events=%d legal_sources=%d",
+						report.DeadlineRules, report.SequencingRules,
+						report.ProceduralEvents, report.LegalSources)
+				}
+			}
+		}
+	}()
+}
+

internal/services/dual_write_test.go

@@ -0,0 +1,300 @@
+// Slice B.2 dual-write tests (t-paliad-305 / m/paliad#93).
+//
+// Asserts the parallel projection — paliad.procedural_events +
+// paliad.sequencing_rules + paliad.legal_sources — stays in lock-step
+// with paliad.deadline_rules through the full RuleEditorService
+// lifecycle. Skipped when TEST_DATABASE_URL is unset.
+
+package services
+
+import (
+	"context"
+	"os"
+	"testing"
+
+	"github.com/jmoiron/sqlx"
+	_ "github.com/lib/pq"
+
+	"mgit.msbls.de/m/paliad/internal/db"
+)
+
+// TestDualWrite_RuleEditorLifecycle walks Create → UpdateDraft →
+// CloneAsDraft → Publish → Archive → Restore on RuleEditorService and
+// after each operation asserts that paliad.sequencing_rules has the
+// 1:1 mirror, paliad.procedural_events carries the projected identity,
+// and paliad.legal_sources carries the citation.
+func TestDualWrite_RuleEditorLifecycle(t *testing.T) {
+	url := os.Getenv("TEST_DATABASE_URL")
+	if url == "" {
+		t.Skip("TEST_DATABASE_URL not set — skipping live DB test")
+	}
+	if err := db.ApplyMigrations(url); err != nil {
+		t.Fatalf("apply migrations: %v", err)
+	}
+	pool, err := sqlx.Connect("postgres", url)
+	if err != nil {
+		t.Fatalf("connect: %v", err)
+	}
+	defer pool.Close()
+
+	ctx := context.Background()
+	rules := NewDeadlineRuleService(pool)
+	svc := NewRuleEditorService(pool, rules)
+
+	cleanup := func() {
+		pool.ExecContext(ctx,
+			`SELECT set_config('paliad.audit_reason', 'slice b.2 test cleanup', true)`)
+		// Order matters: sequencing_rules → procedural_events → legal_sources
+		// (FK direction). deadline_rules cleanup last because mig 079 audit
+		// trigger captures the DELETE.
+		pool.ExecContext(ctx, `DELETE FROM paliad.sequencing_rules WHERE id IN (
+			SELECT id FROM paliad.deadline_rules WHERE name LIKE 'SLICEB2_TEST_%'
+		)`)
+		pool.ExecContext(ctx, `DELETE FROM paliad.procedural_events
+			WHERE code LIKE 'sliceb2.%' OR code LIKE 'null.sliceb2%'`)
+		pool.ExecContext(ctx, `DELETE FROM paliad.legal_sources
+			WHERE citation LIKE 'SLICEB2.%'`)
+		pool.ExecContext(ctx,
+			`DELETE FROM paliad.deadline_rules WHERE name LIKE 'SLICEB2_TEST_%'`)
+		pool.ExecContext(ctx,
+			`DELETE FROM paliad.proceeding_types WHERE code = 'SLICEB2_TEST_PT'`)
+	}
+	cleanup()
+	defer cleanup()
+
+	var ptID int
+	if err := pool.GetContext(ctx, &ptID, `
+		INSERT INTO paliad.proceeding_types (code, name, name_en, category, jurisdiction, is_active)
+		VALUES ('SLICEB2_TEST_PT', 'Slice B.2 Test PT', 'Slice B.2 Test PT', 'fristenrechner', 'UPC', true)
+		RETURNING id`); err != nil {
+		t.Fatalf("seed proceeding_type: %v", err)
+	}
+
+	subCode := "sliceb2.create"
+	legalSrc := "SLICEB2.PatG.1"
+
+	// 1. Create — assert the parallel rows land.
+	created, err := svc.Create(ctx, CreateRuleInput{
+		Name:             "SLICEB2_TEST_create",
+		NameEN:           "SLICEB2_TEST_create_EN",
+		ProceedingTypeID: &ptID,
+		SubmissionCode:   &subCode,
+		LegalSource:      &legalSrc,
+		DurationValue:    30,
+		DurationUnit:     "days",
+		Priority:         "mandatory",
+	}, "B.2 dual-write create test")
+	if err != nil {
+		t.Fatalf("Create: %v", err)
+	}
+
+	// legal_sources should now carry SLICEB2.PatG.1
+	var lsCount int
+	if err := pool.GetContext(ctx, &lsCount,
+		`SELECT COUNT(*) FROM paliad.legal_sources WHERE citation = $1`, legalSrc); err != nil {
+		t.Fatalf("query legal_sources: %v", err)
+	}
+	if lsCount != 1 {
+		t.Errorf("legal_sources after Create: got %d, want 1 for citation %q", lsCount, legalSrc)
+	}
+
+	// procedural_events should carry the submission_code
+	var peName, peLifecycle string
+	if err := pool.GetContext(ctx, &peName,
+		`SELECT name FROM paliad.procedural_events WHERE code = $1`, subCode); err != nil {
+		t.Fatalf("query procedural_events name: %v", err)
+	}
+	if peName != "SLICEB2_TEST_create" {
+		t.Errorf("procedural_events.name after Create: got %q, want %q", peName, "SLICEB2_TEST_create")
+	}
+	if err := pool.GetContext(ctx, &peLifecycle,
+		`SELECT lifecycle_state FROM paliad.procedural_events WHERE code = $1`, subCode); err != nil {
+		t.Fatalf("query procedural_events lifecycle: %v", err)
+	}
+	if peLifecycle != "draft" {
+		t.Errorf("procedural_events.lifecycle_state after Create: got %q, want %q", peLifecycle, "draft")
+	}
+
+	// sequencing_rules should have id = created.id and link to PE
+	var srCount, srMatchPE int
+	if err := pool.GetContext(ctx, &srCount,
+		`SELECT COUNT(*) FROM paliad.sequencing_rules WHERE id = $1`, created.ID); err != nil {
+		t.Fatalf("query sequencing_rules count: %v", err)
+	}
+	if srCount != 1 {
+		t.Errorf("sequencing_rules row after Create: got %d, want 1 for id %s", srCount, created.ID)
+	}
+	if err := pool.GetContext(ctx, &srMatchPE, `
+		SELECT COUNT(*) FROM paliad.sequencing_rules sr
+		  JOIN paliad.procedural_events pe ON pe.id = sr.procedural_event_id
+		 WHERE sr.id = $1 AND pe.code = $2`, created.ID, subCode); err != nil {
+		t.Fatalf("query sr→pe join: %v", err)
+	}
+	if srMatchPE != 1 {
+		t.Errorf("sequencing_rules.procedural_event_id after Create: got %d join hits, want 1", srMatchPE)
+	}
+
+	// 2. UpdateDraft — change name + legal_source. Assert propagation.
+	newName := "SLICEB2_TEST_updated"
+	newLegal := "SLICEB2.ZPO.2"
+	_, err = svc.UpdateDraft(ctx, created.ID, RulePatch{
+		Name:        &newName,
+		LegalSource: &newLegal,
+	}, "B.2 dual-write update test")
+	if err != nil {
+		t.Fatalf("UpdateDraft: %v", err)
+	}
+
+	var afterName string
+	if err := pool.GetContext(ctx, &afterName,
+		`SELECT name FROM paliad.procedural_events WHERE code = $1`, subCode); err != nil {
+		t.Fatalf("query pe.name post-update: %v", err)
+	}
+	if afterName != newName {
+		t.Errorf("procedural_events.name after UpdateDraft: got %q, want %q", afterName, newName)
+	}
+
+	// New citation must appear in legal_sources, and procedural_events.legal_source_id
+	// must point at it (idempotent UPSERT — the old SLICEB2.PatG.1 row stays).
+	var pePointsAtNewLegal int
+	if err := pool.GetContext(ctx, &pePointsAtNewLegal, `
+		SELECT COUNT(*) FROM paliad.procedural_events pe
+		  JOIN paliad.legal_sources ls ON ls.id = pe.legal_source_id
+		 WHERE pe.code = $1 AND ls.citation = $2`, subCode, newLegal); err != nil {
+		t.Fatalf("query pe→ls join: %v", err)
+	}
+	if pePointsAtNewLegal != 1 {
+		t.Errorf("procedural_events.legal_source_id after UpdateDraft: got %d hits, want 1", pePointsAtNewLegal)
+	}
+
+	// 3. Publish — flip to published. Assert lifecycle mirror.
+	_, err = svc.Publish(ctx, created.ID, "B.2 dual-write publish test")
+	if err != nil {
+		t.Fatalf("Publish: %v", err)
+	}
+	var srLifecycle, peLifecycleAfterPub string
+	if err := pool.GetContext(ctx, &srLifecycle,
+		`SELECT lifecycle_state FROM paliad.sequencing_rules WHERE id = $1`, created.ID); err != nil {
+		t.Fatalf("query sr.lifecycle: %v", err)
+	}
+	if srLifecycle != "published" {
+		t.Errorf("sequencing_rules.lifecycle_state after Publish: got %q, want %q", srLifecycle, "published")
+	}
+	if err := pool.GetContext(ctx, &peLifecycleAfterPub,
+		`SELECT lifecycle_state FROM paliad.procedural_events WHERE code = $1`, subCode); err != nil {
+		t.Fatalf("query pe.lifecycle post-publish: %v", err)
+	}
+	if peLifecycleAfterPub != "published" {
+		t.Errorf("procedural_events.lifecycle_state after Publish: got %q, want %q", peLifecycleAfterPub, "published")
+	}
+
+	// 4. Archive — flip to archived. Assert mirror.
+	_, err = svc.Archive(ctx, created.ID, "B.2 dual-write archive test")
+	if err != nil {
+		t.Fatalf("Archive: %v", err)
+	}
+	var srLifecycleArchived string
+	if err := pool.GetContext(ctx, &srLifecycleArchived,
+		`SELECT lifecycle_state FROM paliad.sequencing_rules WHERE id = $1`, created.ID); err != nil {
+		t.Fatalf("query sr.lifecycle post-archive: %v", err)
+	}
+	if srLifecycleArchived != "archived" {
+		t.Errorf("sequencing_rules.lifecycle_state after Archive: got %q, want %q", srLifecycleArchived, "archived")
+	}
+
+	// 5. Drift check should return zero drift right after the dance.
+	report, err := CheckDualWriteDrift(ctx, pool)
+	if err != nil {
+		t.Fatalf("CheckDualWriteDrift: %v", err)
+	}
+	if report.HasDrift() {
+		t.Errorf("CheckDualWriteDrift unexpectedly flagged drift: %+v", report)
+	}
+}
+
+// TestDualWrite_SyntheticCodeForNullSubmission asserts that a rule
+// created with submission_code=NULL gets a synthetic 'null.<8hex>'
+// procedural_events row matching mig 136's mint expression — so a new
+// draft without a code participates in the dual-write contract without
+// colliding with any code-bearing rule.
+func TestDualWrite_SyntheticCodeForNullSubmission(t *testing.T) {
+	url := os.Getenv("TEST_DATABASE_URL")
+	if url == "" {
+		t.Skip("TEST_DATABASE_URL not set — skipping live DB test")
+	}
+	if err := db.ApplyMigrations(url); err != nil {
+		t.Fatalf("apply migrations: %v", err)
+	}
+	pool, err := sqlx.Connect("postgres", url)
+	if err != nil {
+		t.Fatalf("connect: %v", err)
+	}
+	defer pool.Close()
+
+	ctx := context.Background()
+	rules := NewDeadlineRuleService(pool)
+	svc := NewRuleEditorService(pool, rules)
+
+	cleanup := func() {
+		pool.ExecContext(ctx, `SELECT set_config('paliad.audit_reason', 'slice b.2 null-code cleanup', true)`)
+		pool.ExecContext(ctx, `DELETE FROM paliad.sequencing_rules WHERE id IN (
+			SELECT id FROM paliad.deadline_rules WHERE name = 'SLICEB2_TEST_nullcode'
+		)`)
+		// Synthetic PE rows are keyed off the rule's uuid; delete by name reference.
+		pool.ExecContext(ctx, `DELETE FROM paliad.procedural_events
+			WHERE code IN (
+			  SELECT 'null.' || substring(replace(id::text, '-', ''), 1, 8)
+			    FROM paliad.deadline_rules WHERE name = 'SLICEB2_TEST_nullcode'
+			)`)
+		pool.ExecContext(ctx, `DELETE FROM paliad.deadline_rules WHERE name = 'SLICEB2_TEST_nullcode'`)
+		pool.ExecContext(ctx, `DELETE FROM paliad.proceeding_types WHERE code = 'SLICEB2_NC_PT'`)
+	}
+	cleanup()
+	defer cleanup()
+
+	var ptID int
+	if err := pool.GetContext(ctx, &ptID, `
+		INSERT INTO paliad.proceeding_types (code, name, name_en, category, jurisdiction, is_active)
+		VALUES ('SLICEB2_NC_PT', 'NC PT', 'NC PT', 'fristenrechner', 'UPC', true)
+		RETURNING id`); err != nil {
+		t.Fatalf("seed proceeding_type: %v", err)
+	}
+
+	created, err := svc.Create(ctx, CreateRuleInput{
+		Name:             "SLICEB2_TEST_nullcode",
+		NameEN:           "SLICEB2_TEST_nullcode_EN",
+		ProceedingTypeID: &ptID,
+		// SubmissionCode intentionally NIL → tests the synthetic-code branch.
+		DurationValue: 5,
+		DurationUnit:  "days",
+		Priority:      "mandatory",
+	}, "B.2 dual-write null-code test")
+	if err != nil {
+		t.Fatalf("Create: %v", err)
+	}
+
+	// Compute the expected synthetic code in the same way mig 136 / the
+	// dual-write helper do — keep the expression in lock-step with the
+	// SQL via this Go-side mirror.
+	var expectedCode string
+	if err := pool.GetContext(ctx, &expectedCode,
+		`SELECT 'null.' || substring(replace(id::text, '-', ''), 1, 8)
+		   FROM paliad.deadline_rules WHERE id = $1`, created.ID); err != nil {
+		t.Fatalf("compute expected synthetic code: %v", err)
+	}
+
+	var actualCode string
+	if err := pool.GetContext(ctx, &actualCode, `
+		SELECT pe.code
+		  FROM paliad.procedural_events pe
+		  JOIN paliad.sequencing_rules sr ON sr.procedural_event_id = pe.id
+		 WHERE sr.id = $1`, created.ID); err != nil {
+		t.Fatalf("query procedural_events via sequencing_rules: %v", err)
+	}
+	if actualCode != expectedCode {
+		t.Errorf("synthetic code mismatch: got %q, want %q", actualCode, expectedCode)
+	}
+	if len(actualCode) != len("null.")+8 {
+		t.Errorf("synthetic code length: got %d, want 13 (null.+8hex)", len(actualCode))
+	}
+}

internal/services/event_deadline_service.go

@@ -168,7 +168,7 @@ func (s *EventDeadlineService) Calculate(ctx context.Context, triggerEventID int
 		       COALESCE(timing, 'after') AS timing,
 		       deadline_notes, deadline_notes_en, alt_duration_value, alt_duration_unit,
 		       combine_op, rule_codes
-		  FROM paliad.deadline_rules
+		  FROM paliad.deadline_rules_unified
 		 WHERE trigger_event_id = $1 AND is_active = true
 		 ORDER BY sequence_order`, triggerEventID)
 	if err != nil {

internal/services/export_service.go

@@ -1138,7 +1138,7 @@ func personalSheetQueries(actorID uuid.UUID) []sheetQuery {
 		},
 		{
 			SheetName: "ref__deadline_rules",
-			SQL:       `SELECT * FROM paliad.deadline_rules ORDER BY id`,
+			SQL:       `SELECT * FROM paliad.deadline_rules_unified ORDER BY id`,
 		},
 		{
 			SheetName: "ref__deadline_concepts",
@@ -1518,7 +1518,7 @@ SELECT 'partner_unit_default'::text AS source,
 		{SheetName: "ref__proceeding_types", SQL: `SELECT * FROM paliad.proceeding_types ORDER BY id`},
 		{SheetName: "ref__event_types", SQL: `SELECT * FROM paliad.event_types ORDER BY id`},
 		{SheetName: "ref__event_categories", SQL: `SELECT * FROM paliad.event_categories ORDER BY id`},
-		{SheetName: "ref__deadline_rules", SQL: `SELECT * FROM paliad.deadline_rules ORDER BY id`},
+		{SheetName: "ref__deadline_rules", SQL: `SELECT * FROM paliad.deadline_rules_unified ORDER BY id`},
 		{SheetName: "ref__deadline_concepts", SQL: `SELECT * FROM paliad.deadline_concepts ORDER BY id`},
 		{SheetName: "ref__courts", SQL: `SELECT * FROM paliad.courts ORDER BY id`},
 		{SheetName: "ref__countries", SQL: `SELECT * FROM paliad.countries ORDER BY code`},
@@ -1621,7 +1621,7 @@ func orgSheetQueries() []sheetQuery {
 		{SheetName: "ref__deadline_concept_event_types", SQL: `SELECT * FROM paliad.deadline_concept_event_types ORDER BY concept_id, event_type_id`},
 		{SheetName: "ref__deadline_concepts", SQL: `SELECT * FROM paliad.deadline_concepts ORDER BY id`},
 		{SheetName: "ref__deadline_event_types", SQL: `SELECT * FROM paliad.deadline_event_types ORDER BY rule_id, event_type_id`},
-		{SheetName: "ref__deadline_rules", SQL: `SELECT * FROM paliad.deadline_rules ORDER BY id`},
+		{SheetName: "ref__deadline_rules", SQL: `SELECT * FROM paliad.deadline_rules_unified ORDER BY id`},
 		{SheetName: "ref__event_categories", SQL: `SELECT * FROM paliad.event_categories ORDER BY id`},
 		{SheetName: "ref__event_category_concepts", SQL: `SELECT * FROM paliad.event_category_concepts ORDER BY category_id, concept_id`},
 		{SheetName: "ref__event_types", SQL: `SELECT * FROM paliad.event_types ORDER BY id`},

internal/services/fristenrechner.go

@@ -169,7 +169,7 @@ func (c *paliadCatalog) LoadRuleByID(ctx context.Context, ruleID string) (*model
 	var rule models.DeadlineRule
 	err := c.rules.db.GetContext(ctx, &rule,
 		`SELECT `+ruleColumns+`
-		   FROM paliad.deadline_rules
+		   FROM paliad.deadline_rules_unified
 		  WHERE id = $1 AND is_active = true`, ruleID)
 	if errors.Is(err, sql.ErrNoRows) {
 		return nil, lp.ErrUnknownRule
@@ -200,7 +200,7 @@ func (c *paliadCatalog) LoadRuleByCode(ctx context.Context, proceedingCode, subm
 	var rule models.DeadlineRule
 	err = c.rules.db.GetContext(ctx, &rule,
 		`SELECT `+ruleColumns+`
-		   FROM paliad.deadline_rules
+		   FROM paliad.deadline_rules_unified
 		  WHERE proceeding_type_id = $1 AND submission_code = $2 AND is_active = true`,
 		pt.ID, submissionCode)
 	if errors.Is(err, sql.ErrNoRows) {
@@ -311,7 +311,7 @@ func (c *paliadCatalog) LookupEvents(ctx context.Context, axes lp.EventLookupAxe
 		       pt.trigger_event_label_de AS pt_trigger_event_label_de,
 		       pt.trigger_event_label_en AS pt_trigger_event_label_en,
 		       pt.appeal_target AS pt_appeal_target
-		  FROM paliad.deadline_rules dr
+		  FROM paliad.deadline_rules_unified dr
 		  JOIN paliad.proceeding_types pt ON pt.id = dr.proceeding_type_id
 		 WHERE ` + strings.Join(where, "\n   AND ") + `
 		 ORDER BY dr.proceeding_type_id, dr.sequence_order`
@@ -516,6 +516,61 @@ func computeDepths(
 	return depths
 }
 
+// LoadScenarios lists scenarios visible to the caller (Slice D,
+// m/paliad#124 §5, mig 145). RLS on paliad.scenarios enforces:
+// project-scoped rows require paliad.can_see_project(project_id);
+// abstract rows require created_by = auth.uid(). The filter narrows
+// the SELECT (project_id-bound, abstract-for-user, or all).
+func (c *paliadCatalog) LoadScenarios(ctx context.Context, filter lp.ScenarioFilter) ([]lp.Scenario, error) {
+	where := []string{}
+	args := []any{}
+	add := func(clause string, val any) {
+		args = append(args, val)
+		where = append(where, fmt.Sprintf(clause, len(args)))
+	}
+	if filter.ProjectID != nil {
+		add("project_id = $%d", *filter.ProjectID)
+	}
+	if filter.AbstractForUser != nil {
+		where = append(where, "project_id IS NULL")
+		add("created_by = $%d", *filter.AbstractForUser)
+	}
+	query := `SELECT id, project_id, name, description, spec,
+	                 created_by, created_at, updated_at
+	            FROM paliad.scenarios`
+	if len(where) > 0 {
+		query += " WHERE " + strings.Join(where, " AND ")
+	}
+	query += " ORDER BY created_at DESC"
+
+	var rows []lp.Scenario
+	if err := c.rules.db.SelectContext(ctx, &rows, query, args...); err != nil {
+		return nil, fmt.Errorf("load scenarios: %w", err)
+	}
+	return rows, nil
+}
+
+// MatchScenario returns the scenario with the given id, or
+// lp.ErrUnknownScenario if not visible / not found. RLS gates
+// visibility; a not-found result could mean "doesn't exist" OR
+// "exists but you can't see it" — either way the caller treats it
+// as unknown.
+func (c *paliadCatalog) MatchScenario(ctx context.Context, id uuid.UUID) (*lp.Scenario, error) {
+	var s lp.Scenario
+	err := c.rules.db.GetContext(ctx, &s,
+		`SELECT id, project_id, name, description, spec,
+		        created_by, created_at, updated_at
+		   FROM paliad.scenarios
+		  WHERE id = $1`, id)
+	if errors.Is(err, sql.ErrNoRows) {
+		return nil, lp.ErrUnknownScenario
+	}
+	if err != nil {
+		return nil, fmt.Errorf("match scenario %q: %w", id, err)
+	}
+	return &s, nil
+}
+
 // _ proves paliadCatalog satisfies lp.Catalog at compile time.
 var _ lp.Catalog = (*paliadCatalog)(nil)
 

internal/services/lookup_events_test.go

@@ -137,14 +137,14 @@ func TestLookupEvents(t *testing.T) {
 				t.Errorf("anchor row %s missing endentscheidung target: %v",
 					m.Rule.Name, m.Rule.AppliesToTarget)
 			}
-			if m.ProceedingType.Code != "upc.apl" {
-				t.Errorf("anchor row %s came from %s, want upc.apl",
+			if m.ProceedingType.Code != "upc.apl.unified" {
+				t.Errorf("anchor row %s came from %s, want upc.apl.unified",
 					m.Rule.Name, m.ProceedingType.Code)
 			}
 		}
 	})
 
-	t.Run("appeal_target=schadensbemessung returns empty (no rules seeded yet)", func(t *testing.T) {
+	t.Run("appeal_target=schadensbemessung returns upc.apl merits rules (mig 138 backfill)", func(t *testing.T) {
 		matches, err := catalog.LookupEvents(ctx, lp.EventLookupAxes{
 			Jurisdiction: "UPC",
 			AppealTarget: lp.AppealTargetSchadensbemessung,
@@ -152,8 +152,68 @@ func TestLookupEvents(t *testing.T) {
 		if err != nil {
 			t.Fatalf("LookupEvents: %v", err)
 		}
-		if len(matches) != 0 {
-			t.Errorf("schadensbemessung should be empty until rules seeded; got %d rows", len(matches))
+		// mig 138 (t-paliad-303, m/paliad#134) extends the 7 merits-track
+		// rules under upc.apl.unified with applies_to_target ⊇ {schadensbemessung}
+		// because R.224 is uniform across substantive R.118 decisions.
+		if len(matches) == 0 {
+			t.Fatal("expected upc.apl schadensbemessung rules after mig 138 backfill")
+		}
+		for _, m := range matches {
+			if m.DepthFromAnchor != 1 {
+				continue
+			}
+			found := false
+			for _, t := range m.Rule.AppliesToTarget {
+				if t == lp.AppealTargetSchadensbemessung {
+					found = true
+					break
+				}
+			}
+			if !found {
+				t.Errorf("anchor row %s missing schadensbemessung target: %v",
+					m.Rule.Name, m.Rule.AppliesToTarget)
+			}
+			if m.ProceedingType.Code != "upc.apl.unified" {
+				t.Errorf("anchor row %s came from %s, want upc.apl.unified",
+					m.Rule.Name, m.ProceedingType.Code)
+			}
+		}
+	})
+
+	t.Run("appeal_target=bucheinsicht returns upc.apl order rules (mig 138 backfill)", func(t *testing.T) {
+		matches, err := catalog.LookupEvents(ctx, lp.EventLookupAxes{
+			Jurisdiction: "UPC",
+			AppealTarget: lp.AppealTargetBucheinsicht,
+		}, lp.EventLookupDepthAllFollowing)
+		if err != nil {
+			t.Fatalf("LookupEvents: %v", err)
+		}
+		// mig 138 (t-paliad-303, m/paliad#134) extends the 7 order-track
+		// rules under upc.apl.unified with applies_to_target ⊇ {bucheinsicht}
+		// because R.220.2 / R.224.2.b / R.235.2 / R.237 / R.238.2 are
+		// uniform across the orders they appeal.
+		if len(matches) == 0 {
+			t.Fatal("expected upc.apl bucheinsicht rules after mig 138 backfill")
+		}
+		for _, m := range matches {
+			if m.DepthFromAnchor != 1 {
+				continue
+			}
+			found := false
+			for _, t := range m.Rule.AppliesToTarget {
+				if t == lp.AppealTargetBucheinsicht {
+					found = true
+					break
+				}
+			}
+			if !found {
+				t.Errorf("anchor row %s missing bucheinsicht target: %v",
+					m.Rule.Name, m.Rule.AppliesToTarget)
+			}
+			if m.ProceedingType.Code != "upc.apl.unified" {
+				t.Errorf("anchor row %s came from %s, want upc.apl.unified",
+					m.Rule.Name, m.ProceedingType.Code)
+			}
 		}
 	})
 }

internal/services/projection_service.go

@@ -1767,7 +1767,7 @@ func (s *ProjectionService) lookupRuleBySubmissionCode(ctx context.Context, ptID
 	var rule models.DeadlineRule
 	err := s.db.GetContext(ctx, &rule,
 		`SELECT `+ruleColumns+`
-		   FROM paliad.deadline_rules
+		   FROM paliad.deadline_rules_unified
 		  WHERE proceeding_type_id = $1 AND submission_code = $2 AND is_active = true`,
 		ptID, code)
 	if errors.Is(err, sql.ErrNoRows) {
@@ -1784,7 +1784,7 @@ func (s *ProjectionService) lookupRuleByID(ctx context.Context, id uuid.UUID) (*
 	var rule models.DeadlineRule
 	err := s.db.GetContext(ctx, &rule,
 		`SELECT `+ruleColumns+`
-		   FROM paliad.deadline_rules
+		   FROM paliad.deadline_rules_unified
 		  WHERE id = $1`, id)
 	if err != nil {
 		return nil, fmt.Errorf("lookup rule by id: %w", err)

internal/services/rule_editor_orphans.go

@@ -117,7 +117,7 @@ func (s *RuleEditorService) ListOrphans(ctx context.Context) ([]Orphan, error) {
 		}
 		if err := s.db.SelectContext(ctx, &cs, `
 			SELECT id, rule_code, name, name_en
-			  FROM paliad.deadline_rules
+			  FROM paliad.deadline_rules_unified
 			 WHERE id = ANY($1::uuid[])`, pq.Array(uuidStrs)); err != nil {
 			return nil, fmt.Errorf("list orphan candidate rules: %w", err)
 		}
@@ -221,6 +221,12 @@ func (s *RuleEditorService) ResolveOrphan(ctx context.Context, orphanID uuid.UUI
 	); err != nil {
 		return fmt.Errorf("set deadline rule_id: %w", err)
 	}
+	// Slice B.2 dual-write (t-paliad-305): mirror the new linkage onto
+	// the parallel deadlines.procedural_event_id + sequencing_rule_id
+	// columns so they don't drift from rule_id.
+	if err := syncDeadlineDualLinks(ctx, tx, oc.DeadlineID); err != nil {
+		return err
+	}
 	if _, err := tx.ExecContext(ctx,
 		`UPDATE paliad.deadline_rule_backfill_orphans
 		    SET resolved_at      = $1,

internal/services/rule_editor_service.go

@@ -209,6 +209,14 @@ func (s *RuleEditorService) Create(ctx context.Context, input CreateRuleInput, r
 		return nil, fmt.Errorf("insert rule: %w", err)
 	}
 
+	// Slice B.2 dual-write (t-paliad-305): project the new row into
+	// legal_sources / procedural_events / sequencing_rules in the same
+	// transaction so the parallel tables stay in lock-step with
+	// deadline_rules through the B.3 read-cutover window.
+	if err := syncDualWriteFromDeadlineRule(ctx, tx, id); err != nil {
+		return nil, err
+	}
+
 	if err := tx.Commit(); err != nil {
 		return nil, fmt.Errorf("commit create: %w", err)
 	}
@@ -276,6 +284,10 @@ func (s *RuleEditorService) UpdateDraft(ctx context.Context, id uuid.UUID, patch
 	if _, err := tx.ExecContext(ctx, q, args...); err != nil {
 		return nil, fmt.Errorf("update rule draft: %w", err)
 	}
+	// Slice B.2 dual-write (t-paliad-305).
+	if err := syncDualWriteFromDeadlineRule(ctx, tx, id); err != nil {
+		return nil, err
+	}
 	if err := tx.Commit(); err != nil {
 		return nil, fmt.Errorf("commit update: %w", err)
 	}
@@ -336,6 +348,14 @@ func (s *RuleEditorService) CloneAsDraft(ctx context.Context, id uuid.UUID, reas
 	); err != nil {
 		return nil, fmt.Errorf("clone rule as draft: %w", err)
 	}
+	// Slice B.2 dual-write (t-paliad-305): new draft gets its own
+	// procedural_events + sequencing_rules row. The synthetic-code
+	// branch fires here when the source rule had NULL submission_code
+	// (the clone inherits the NULL and mints a fresh 'null.<8hex>'
+	// derived from newID).
+	if err := syncDualWriteFromDeadlineRule(ctx, tx, newID); err != nil {
+		return nil, err
+	}
 	if err := tx.Commit(); err != nil {
 		return nil, fmt.Errorf("commit clone: %w", err)
 	}
@@ -392,6 +412,18 @@ func (s *RuleEditorService) Publish(ctx context.Context, id uuid.UUID, reason st
 		}
 	}
 
+	// Slice B.2 dual-write (t-paliad-305): sync both sides — the newly
+	// published draft AND the cloned-from peer that just flipped to
+	// archived (if any).
+	if err := syncDualWriteFromDeadlineRule(ctx, tx, id); err != nil {
+		return nil, err
+	}
+	if current.DraftOf != nil {
+		if err := syncDualWriteFromDeadlineRule(ctx, tx, *current.DraftOf); err != nil {
+			return nil, err
+		}
+	}
+
 	if err := tx.Commit(); err != nil {
 		return nil, fmt.Errorf("commit publish: %w", err)
 	}
@@ -459,6 +491,12 @@ func (s *RuleEditorService) flipLifecycle(ctx context.Context, id uuid.UUID, tar
 		}
 	}
 
+	// Slice B.2 dual-write (t-paliad-305): mirror the lifecycle flip
+	// onto sequencing_rules + procedural_events.
+	if err := syncDualWriteFromDeadlineRule(ctx, tx, id); err != nil {
+		return nil, err
+	}
+
 	if err := tx.Commit(); err != nil {
 		return nil, fmt.Errorf("commit flip: %w", err)
 	}
@@ -598,7 +636,7 @@ func (s *RuleEditorService) ListRules(ctx context.Context, f ListRulesFilter) ([
 		where = "WHERE " + strings.Join(conds, " AND ")
 	}
 	query := `SELECT ` + ruleColumns + `
-		   FROM paliad.deadline_rules
+		   FROM paliad.deadline_rules_unified
 		   ` + where + `
 		  ORDER BY proceeding_type_id NULLS LAST, sequence_order
 		  LIMIT ` + addArg(f.Limit) + ` OFFSET ` + addArg(f.Offset)
@@ -618,7 +656,7 @@ func (s *RuleEditorService) GetByID(ctx context.Context, id uuid.UUID) (*models.
 func (s *RuleEditorService) getByID(ctx context.Context, id uuid.UUID) (*models.DeadlineRule, error) {
 	var r models.DeadlineRule
 	err := s.db.GetContext(ctx, &r,
-		`SELECT `+ruleColumns+` FROM paliad.deadline_rules WHERE id = $1`, id)
+		`SELECT `+ruleColumns+` FROM paliad.deadline_rules_unified WHERE id = $1`, id)
 	if errors.Is(err, sql.ErrNoRows) {
 		return nil, ErrRuleNotFound
 	}
@@ -677,7 +715,7 @@ func (s *RuleEditorService) validateSpawnNoCycle(ctx context.Context, ruleID *uu
 		visited[current] = true
 		var nexts []sql.NullInt64
 		q := `SELECT DISTINCT spawn_proceeding_type_id::bigint
-		        FROM paliad.deadline_rules
+		        FROM paliad.deadline_rules_unified
 		       WHERE proceeding_type_id = $1
 		         AND is_spawn = true
 		         AND spawn_proceeding_type_id IS NOT NULL

internal/services/scenario_service.go

@@ -0,0 +1,347 @@
+package services
+
+import (
+	"context"
+	"database/sql"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"time"
+
+	"github.com/google/uuid"
+	"github.com/jmoiron/sqlx"
+
+	"mgit.msbls.de/m/paliad/internal/models"
+	lp "mgit.msbls.de/m/paliad/pkg/litigationplanner"
+)
+
+// ScenarioService reads + writes paliad.scenarios — named compositions
+// of existing proceedings + flags + per-card choices + anchor dates,
+// switchable per project or saved as abstract templates on
+// /tools/verfahrensablauf. Slice D, m/paliad#124 §5, mig 145.
+//
+// Visibility:
+//   - Project-scoped scenarios (project_id NOT NULL): require
+//     can_see_project on the bound project (mirrors
+//     EventChoiceService.requireProjectVisible).
+//   - Abstract scenarios (project_id IS NULL): owner-only. Only
+//     created_by can read / mutate.
+//
+// The service applies these checks in application code; paliad.scenarios
+// also has RLS policies (mig 145) as defense-in-depth for callers that
+// connect through Supabase Auth's auth.uid() session.
+type ScenarioService struct {
+	db       *sqlx.DB
+	projects *ProjectService
+	rules    *DeadlineRuleService
+}
+
+// NewScenarioService wires the service to its dependencies.
+func NewScenarioService(db *sqlx.DB, projects *ProjectService, rules *DeadlineRuleService) *ScenarioService {
+	return &ScenarioService{db: db, projects: projects, rules: rules}
+}
+
+// Sentinel errors. Mirrors EventChoiceService + the lp package errors
+// so handlers can map cleanly to HTTP statuses.
+var (
+	ErrScenarioNotVisible = errors.New("scenario not visible to caller")
+)
+
+// CreateScenarioInput is the payload for POST /api/scenarios. project_id
+// nil = abstract scenario (saved Verfahrensablauf template).
+type CreateScenarioInput struct {
+	ProjectID   *uuid.UUID      `json:"project_id,omitempty"`
+	Name        string          `json:"name"`
+	Description *string         `json:"description,omitempty"`
+	Spec        json.RawMessage `json:"spec"`
+}
+
+// Create inserts a new scenario after validating the spec.
+func (s *ScenarioService) Create(ctx context.Context, userID uuid.UUID, input CreateScenarioInput) (*lp.Scenario, error) {
+	if input.Name == "" {
+		return nil, fmt.Errorf("%w: name required", ErrInvalidInput)
+	}
+	if err := s.validateSpec(ctx, input.Spec); err != nil {
+		return nil, err
+	}
+	if input.ProjectID != nil {
+		if err := s.requireProjectVisible(ctx, userID, *input.ProjectID); err != nil {
+			return nil, err
+		}
+	}
+
+	var out lp.Scenario
+	err := s.db.GetContext(ctx, &out,
+		`INSERT INTO paliad.scenarios (project_id, name, description, spec, created_by)
+		      VALUES ($1, $2, $3, $4, $5)
+		   RETURNING id, project_id, name, description, spec, created_by,
+		             created_at, updated_at`,
+		input.ProjectID, input.Name, input.Description,
+		[]byte(input.Spec), userID)
+	if err != nil {
+		return nil, fmt.Errorf("create scenario: %w", err)
+	}
+	return &out, nil
+}
+
+// Get returns one scenario by id after a visibility check.
+func (s *ScenarioService) Get(ctx context.Context, userID, scenarioID uuid.UUID) (*lp.Scenario, error) {
+	var sc lp.Scenario
+	err := s.db.GetContext(ctx, &sc,
+		`SELECT id, project_id, name, description, spec, created_by,
+		        created_at, updated_at
+		   FROM paliad.scenarios
+		  WHERE id = $1`, scenarioID)
+	if errors.Is(err, sql.ErrNoRows) {
+		return nil, lp.ErrUnknownScenario
+	}
+	if err != nil {
+		return nil, fmt.Errorf("get scenario: %w", err)
+	}
+	if err := s.requireVisible(ctx, userID, &sc); err != nil {
+		return nil, err
+	}
+	return &sc, nil
+}
+
+// ListForProject returns scenarios attached to one project, ordered by
+// created_at desc.
+func (s *ScenarioService) ListForProject(ctx context.Context, userID, projectID uuid.UUID) ([]lp.Scenario, error) {
+	if err := s.requireProjectVisible(ctx, userID, projectID); err != nil {
+		return nil, err
+	}
+	out := []lp.Scenario{}
+	err := s.db.SelectContext(ctx, &out,
+		`SELECT id, project_id, name, description, spec, created_by,
+		        created_at, updated_at
+		   FROM paliad.scenarios
+		  WHERE project_id = $1
+		  ORDER BY created_at DESC`, projectID)
+	if err != nil {
+		return nil, fmt.Errorf("list scenarios for project: %w", err)
+	}
+	return out, nil
+}
+
+// ListAbstractForUser returns the calling user's abstract scenarios.
+func (s *ScenarioService) ListAbstractForUser(ctx context.Context, userID uuid.UUID) ([]lp.Scenario, error) {
+	out := []lp.Scenario{}
+	err := s.db.SelectContext(ctx, &out,
+		`SELECT id, project_id, name, description, spec, created_by,
+		        created_at, updated_at
+		   FROM paliad.scenarios
+		  WHERE project_id IS NULL AND created_by = $1
+		  ORDER BY created_at DESC`, userID)
+	if err != nil {
+		return nil, fmt.Errorf("list abstract scenarios: %w", err)
+	}
+	return out, nil
+}
+
+// PatchScenarioInput is the payload for PATCH /api/scenarios/{id}. Any
+// field nil means "don't change". Spec replacement re-runs validation.
+type PatchScenarioInput struct {
+	Name        *string         `json:"name,omitempty"`
+	Description *string         `json:"description,omitempty"`
+	Spec        json.RawMessage `json:"spec,omitempty"`
+}
+
+// Patch updates one or more scenario fields. Visibility check fires
+// first (the caller must already see the scenario to mutate it).
+func (s *ScenarioService) Patch(ctx context.Context, userID, scenarioID uuid.UUID, input PatchScenarioInput) (*lp.Scenario, error) {
+	current, err := s.Get(ctx, userID, scenarioID)
+	if err != nil {
+		return nil, err
+	}
+	if len(input.Spec) > 0 {
+		if err := s.validateSpec(ctx, input.Spec); err != nil {
+			return nil, err
+		}
+	}
+
+	sets := []string{}
+	args := []any{}
+	add := func(clause string, val any) {
+		args = append(args, val)
+		sets = append(sets, fmt.Sprintf(clause, len(args)))
+	}
+	if input.Name != nil {
+		add("name = $%d", *input.Name)
+	}
+	if input.Description != nil {
+		add("description = $%d", *input.Description)
+	}
+	if len(input.Spec) > 0 {
+		add("spec = $%d", []byte(input.Spec))
+	}
+	if len(sets) == 0 {
+		return current, nil
+	}
+	args = append(args, scenarioID)
+	query := fmt.Sprintf(`UPDATE paliad.scenarios SET %s
+	    WHERE id = $%d
+	RETURNING id, project_id, name, description, spec, created_by,
+	          created_at, updated_at`, joinSets(sets), len(args))
+	var out lp.Scenario
+	if err := s.db.GetContext(ctx, &out, query, args...); err != nil {
+		return nil, fmt.Errorf("patch scenario: %w", err)
+	}
+	return &out, nil
+}
+
+// SetActive points a project at one of its scenarios. Pass nil to
+// clear (revert to ad-hoc per-card choice state).
+func (s *ScenarioService) SetActive(ctx context.Context, userID, projectID uuid.UUID, scenarioID *uuid.UUID) error {
+	if err := s.requireProjectVisible(ctx, userID, projectID); err != nil {
+		return err
+	}
+	if scenarioID != nil {
+		// Ensure scenario exists + belongs to this project. A scenario
+		// from a different project (or an abstract one) can't be the
+		// active scenario on this project.
+		sc, err := s.Get(ctx, userID, *scenarioID)
+		if err != nil {
+			return err
+		}
+		if sc.ProjectID == nil || *sc.ProjectID != projectID {
+			return fmt.Errorf("%w: scenario %s is not attached to project %s",
+				ErrInvalidInput, *scenarioID, projectID)
+		}
+	}
+	_, err := s.db.ExecContext(ctx,
+		`UPDATE paliad.projects SET active_scenario_id = $1 WHERE id = $2`,
+		scenarioID, projectID)
+	if err != nil {
+		return fmt.Errorf("set active scenario: %w", err)
+	}
+	return nil
+}
+
+// Delete removes a scenario. Project's active_scenario_id is cleared
+// automatically via the FK's ON DELETE SET NULL.
+func (s *ScenarioService) Delete(ctx context.Context, userID, scenarioID uuid.UUID) error {
+	// Visibility check via Get — also resolves the existence question.
+	if _, err := s.Get(ctx, userID, scenarioID); err != nil {
+		return err
+	}
+	if _, err := s.db.ExecContext(ctx,
+		`DELETE FROM paliad.scenarios WHERE id = $1`, scenarioID); err != nil {
+		return fmt.Errorf("delete scenario: %w", err)
+	}
+	return nil
+}
+
+// requireVisible enforces the per-row visibility rule:
+//   - project_id NOT NULL → caller must see the project
+//   - project_id IS NULL  → caller must be the row's created_by
+func (s *ScenarioService) requireVisible(ctx context.Context, userID uuid.UUID, sc *lp.Scenario) error {
+	if sc.ProjectID != nil {
+		return s.requireProjectVisible(ctx, userID, *sc.ProjectID)
+	}
+	if sc.CreatedBy == nil || *sc.CreatedBy != userID {
+		return ErrScenarioNotVisible
+	}
+	return nil
+}
+
+// requireProjectVisible mirrors EventChoiceService.requireProjectVisible
+// (visibility via can_see_project). Cheap re-implementation — keeps the
+// call-graph small + avoids a cross-service dep.
+func (s *ScenarioService) requireProjectVisible(ctx context.Context, userID, projectID uuid.UUID) error {
+	var visible bool
+	err := s.db.GetContext(ctx, &visible,
+		`SELECT EXISTS (
+		    SELECT 1 FROM paliad.users u
+		     WHERE u.id = $1 AND u.global_role = 'global_admin'
+		) OR EXISTS (
+		    SELECT 1 FROM paliad.projects p
+		     JOIN paliad.project_teams pt ON pt.project_id = ANY(
+		            string_to_array(p.path, '.')::uuid[]
+		          )
+		    WHERE p.id = $2 AND pt.user_id = $1
+		)`, userID, projectID)
+	if err != nil {
+		return fmt.Errorf("check project visibility: %w", err)
+	}
+	if !visible {
+		return ErrScenarioNotVisible
+	}
+	return nil
+}
+
+// validateSpec checks the jsonb spec is well-formed, has the right
+// version, and that every referenced proceeding code + submission code
+// resolves to an active row in the live catalog. Surfaces friendly
+// errors wrapping ErrInvalidInput so the handler can map to a 400.
+func (s *ScenarioService) validateSpec(ctx context.Context, raw json.RawMessage) error {
+	if len(raw) == 0 {
+		return fmt.Errorf("%w: spec is required", ErrInvalidInput)
+	}
+	parsed, err := lp.ParseSpec(lp.NullableJSON(raw))
+	if err != nil {
+		return fmt.Errorf("%w: %v", ErrInvalidInput, err)
+	}
+	if _, err := parsed.PrimaryProceeding(); err != nil {
+		return fmt.Errorf("%w: %v", ErrInvalidInput, err)
+	}
+	if parsed.BaseTriggerDate != "" {
+		if _, err := time.Parse("2006-01-02", parsed.BaseTriggerDate); err != nil {
+			return fmt.Errorf("%w: base_trigger_date %q is not YYYY-MM-DD", ErrInvalidInput, parsed.BaseTriggerDate)
+		}
+	}
+	for i, p := range parsed.Proceedings {
+		if p.Code == "" {
+			return fmt.Errorf("%w: proceedings[%d].code is empty", ErrInvalidInput, i)
+		}
+		if p.Role != lp.ScenarioRolePrimary && p.Role != lp.ScenarioRolePeer {
+			return fmt.Errorf("%w: proceedings[%d].role=%q must be 'primary' or 'peer'",
+				ErrInvalidInput, i, p.Role)
+		}
+		if p.AppealTarget != "" && !lp.IsValidAppealTarget(p.AppealTarget) {
+			return fmt.Errorf("%w: proceedings[%d].appeal_target=%q not in %v",
+				ErrInvalidInput, i, p.AppealTarget, lp.AppealTargets)
+		}
+		if p.TriggerDateOverride != "" {
+			if _, err := time.Parse("2006-01-02", p.TriggerDateOverride); err != nil {
+				return fmt.Errorf("%w: proceedings[%d].trigger_date_override %q is not YYYY-MM-DD",
+					ErrInvalidInput, i, p.TriggerDateOverride)
+			}
+		}
+		for code, dateStr := range p.AnchorOverrides {
+			if _, err := time.Parse("2006-01-02", dateStr); err != nil {
+				return fmt.Errorf("%w: proceedings[%d].anchor_overrides[%q]=%q is not YYYY-MM-DD",
+					ErrInvalidInput, i, code, dateStr)
+			}
+		}
+		// Resolve code against active proceedings.
+		var exists bool
+		if err := s.db.GetContext(ctx, &exists,
+			`SELECT EXISTS(SELECT 1 FROM paliad.proceeding_types
+			               WHERE code = $1 AND is_active = true)`,
+			p.Code); err != nil {
+			return fmt.Errorf("validate spec proceedings[%d]: %w", i, err)
+		}
+		if !exists {
+			return fmt.Errorf("%w: proceedings[%d].code=%q is not an active proceeding_type",
+				ErrInvalidInput, i, p.Code)
+		}
+	}
+	return nil
+}
+
+// joinSets joins SET clauses with ", ". Tiny utility, kept here to
+// avoid cross-package strings.Join indirection.
+func joinSets(sets []string) string {
+	out := ""
+	for i, s := range sets {
+		if i > 0 {
+			out += ", "
+		}
+		out += s
+	}
+	return out
+}
+
+// Suppress unused-import diagnostic when models isn't referenced
+// (kept for future shape-evolution; canonical scenario row lives in lp).
+var _ = models.NullableJSON(nil)

internal/services/submission_vars.go

@@ -243,7 +243,7 @@ func (s *SubmissionVarsService) loadPublishedRule(ctx context.Context, submissio
 	var rule models.DeadlineRule
 	err := s.db.GetContext(ctx, &rule,
 		`SELECT `+ruleColumns+`
-		   FROM paliad.deadline_rules
+		   FROM paliad.deadline_rules_unified
 		  WHERE submission_code = $1
 		    AND lifecycle_state = 'published'
 		    AND is_active = true

pkg/litigationplanner/appeal_target_label_test.go

@@ -0,0 +1,55 @@
+package litigationplanner
+
+import "testing"
+
+// TestTriggerEventLabelForAppealTarget pins the per-target trigger-
+// event label matrix (t-paliad-301 / m/paliad#132 Bug B). The 5
+// canonical AppealTargets each have a DE + EN label; unknown targets
+// return empty so the caller can fall back to the proceeding's own
+// trigger_event_label.
+func TestTriggerEventLabelForAppealTarget(t *testing.T) {
+	cases := []struct {
+		target string
+		lang   string
+		want   string
+	}{
+		{AppealTargetEndentscheidung, "de", "Endentscheidung (R.118)"},
+		{AppealTargetEndentscheidung, "en", "Final decision (R.118)"},
+		{AppealTargetKostenentscheidung, "de", "Kostenentscheidung"},
+		{AppealTargetKostenentscheidung, "en", "Cost decision"},
+		{AppealTargetAnordnung, "de", "Anordnung"},
+		{AppealTargetAnordnung, "en", "Order"},
+		{AppealTargetSchadensbemessung, "de", "Entscheidung im Schadensbemessungsverfahren"},
+		{AppealTargetSchadensbemessung, "en", "Damages-assessment decision"},
+		{AppealTargetBucheinsicht, "de", "Anordnung der Bucheinsicht"},
+		{AppealTargetBucheinsicht, "en", "Book-inspection order"},
+		// Unknown lang falls through to DE so the caller never gets
+		// an empty string for a known target.
+		{AppealTargetEndentscheidung, "fr", "Endentscheidung (R.118)"},
+		// Unknown target → empty so caller falls back to proceeding's
+		// trigger_event_label.
+		{"", "de", ""},
+		{"foo", "en", ""},
+	}
+	for _, c := range cases {
+		if got := TriggerEventLabelForAppealTarget(c.target, c.lang); got != c.want {
+			t.Errorf("TriggerEventLabelForAppealTarget(%q, %q) = %q, want %q",
+				c.target, c.lang, got, c.want)
+		}
+	}
+}
+
+// TestAppealTargetsCoverage ensures every entry in AppealTargets has
+// a non-empty label in both languages. Adding a target to the slice
+// without populating the switch would silently emit empty labels —
+// this test catches that.
+func TestAppealTargetsCoverage(t *testing.T) {
+	for _, target := range AppealTargets {
+		for _, lang := range []string{"de", "en"} {
+			if got := TriggerEventLabelForAppealTarget(target, lang); got == "" {
+				t.Errorf("AppealTarget %q has empty label for lang %q — add it to the switch",
+					target, lang)
+			}
+		}
+	}
+}

pkg/litigationplanner/before_court_set_anchor_test.go

@@ -0,0 +1,328 @@
+package litigationplanner
+
+import (
+	"context"
+	"errors"
+	"testing"
+	"time"
+
+	"github.com/google/uuid"
+)
+
+// Regression test for t-paliad-304 / m/paliad#135.
+//
+// Reproduces the R.109.1 / R.109.4 anchor bug on upc.inf.cfi:
+//   - Trigger (Klageerhebung):   parent_id=nil, duration=0,  !IsCourtSet, sequence_order=0
+//   - Translation request:       parent_id=oral, duration=1mo before, sequence_order=45
+//   - Interpreter cost:          parent_id=oral, duration=2w before, sequence_order=46
+//   - Oral hearing:              parent_id=nil, duration=0,  IsCourtSet, sequence_order=50
+//
+// The "before" children are listed BEFORE the oral hearing in sequence
+// order (because chronologically they happen before it). The engine walks
+// rules in sequence_order, so when it processes the translation/
+// interpreter rows, the oral hearing has not yet been processed →
+// courtSet[oral.ID] is not yet set → parentIsCourtSet is false → the
+// engine falls back to the trigger date as the base. Result: the timing=
+// 'before' arithmetic produces 27.04.2026 (1mo before SoC) instead of
+// the conditional-no-date treatment that a court-set parent should
+// trigger.
+//
+// Expected post-fix: translation_request + interpreter_cost render as
+// IsConditional (no concrete date) because their parent's date is
+// court-set and the proceeding does not yet have an explicit override.
+
+// stubCatalog implements lp.Catalog backed by an in-memory rule slice.
+// Only LoadProceeding is needed for the engine path under test; the
+// other interface methods return errors so an unintended call surfaces
+// immediately.
+type stubCatalog struct {
+	pt    ProceedingType
+	rules []Rule
+}
+
+func (s *stubCatalog) LoadProceeding(_ context.Context, code string, _ ProjectHint) (*ProceedingType, []Rule, error) {
+	if code != s.pt.Code {
+		return nil, nil, ErrUnknownProceedingType
+	}
+	rules := make([]Rule, len(s.rules))
+	copy(rules, s.rules)
+	pt := s.pt
+	return &pt, rules, nil
+}
+func (s *stubCatalog) LoadProceedingByID(_ context.Context, _ int) (*ProceedingType, error) {
+	return nil, errors.New("stubCatalog.LoadProceedingByID: not implemented")
+}
+func (s *stubCatalog) LoadRuleByID(_ context.Context, _ string) (*Rule, error) {
+	return nil, errors.New("stubCatalog.LoadRuleByID: not implemented")
+}
+func (s *stubCatalog) LoadRuleByCode(_ context.Context, _, _ string) (*Rule, *ProceedingType, error) {
+	return nil, nil, errors.New("stubCatalog.LoadRuleByCode: not implemented")
+}
+func (s *stubCatalog) LoadRulesByTriggerEvent(_ context.Context, _ int64) ([]Rule, error) {
+	return nil, nil
+}
+func (s *stubCatalog) LoadTriggerEventsByIDs(_ context.Context, _ []int64) (map[int64]TriggerEvent, error) {
+	return map[int64]TriggerEvent{}, nil
+}
+func (s *stubCatalog) LookupEvents(_ context.Context, _ EventLookupAxes, _ EventLookupDepth) ([]EventMatch, error) {
+	return nil, nil
+}
+func (s *stubCatalog) LoadScenarios(_ context.Context, _ ScenarioFilter) ([]Scenario, error) {
+	return nil, nil
+}
+func (s *stubCatalog) MatchScenario(_ context.Context, _ uuid.UUID) (*Scenario, error) {
+	return nil, ErrUnknownScenario
+}
+
+// noOpHolidays never adjusts dates — the test fixture doesn't care about
+// weekends or holidays, only about which base date the engine resolves.
+type noOpHolidays struct{}
+
+func (noOpHolidays) IsNonWorkingDay(_ time.Time, _, _ string) bool { return false }
+func (noOpHolidays) AdjustForNonWorkingDays(d time.Time, _, _ string) (time.Time, time.Time, bool) {
+	return d, d, false
+}
+func (noOpHolidays) AdjustForNonWorkingDaysBackward(d time.Time, _, _ string) (time.Time, time.Time, bool) {
+	return d, d, false
+}
+func (noOpHolidays) AdjustForNonWorkingDaysWithReason(d time.Time, _, _ string) (time.Time, time.Time, bool, *AdjustmentReason) {
+	return d, d, false, nil
+}
+
+type fixedCourts struct{}
+
+func (fixedCourts) CountryRegime(_, _, _ string) (string, string, error) {
+	return CountryDE, RegimeUPC, nil
+}
+
+func TestCalculate_BeforeChildOfCourtSetParent_OutOfOrderSequence(t *testing.T) {
+	ctx := context.Background()
+
+	// proceeding metadata
+	jurisdiction := "UPC"
+	procID := 1
+	pt := ProceedingType{
+		ID:           procID,
+		Code:         "upc.inf.cfi",
+		Name:         "Verletzungsverfahren",
+		NameEN:       "Infringement",
+		Jurisdiction: &jurisdiction,
+		IsActive:     true,
+	}
+
+	mkID := func() uuid.UUID {
+		id, _ := uuid.NewRandom()
+		return id
+	}
+	str := func(s string) *string { return &s }
+	procIDPtr := &procID
+
+	socID := mkID()
+	oralID := mkID()
+	transID := mkID()
+	interpID := mkID()
+
+	socCode := "upc.inf.cfi.soc"
+	oralCode := "upc.inf.cfi.oral"
+	transCode := "upc.inf.cfi.translation_request"
+	interpCode := "upc.inf.cfi.interpreter_cost"
+
+	rules := []Rule{
+		{
+			ID:               socID,
+			ProceedingTypeID: procIDPtr,
+			ParentID:         nil,
+			SubmissionCode:   &socCode,
+			Name:             "Klageerhebung",
+			NameEN:           "Statement of Claim",
+			PrimaryParty:     str("claimant"),
+			DurationValue:    0,
+			DurationUnit:     "months",
+			Timing:           str("after"),
+			SequenceOrder:    0,
+			IsCourtSet:       false,
+			IsActive:         true,
+			LifecycleState:   "published",
+			Priority:         "mandatory",
+		},
+		// Translation request: sequence_order BEFORE the oral hearing.
+		// Reproduces the real corpus ordering (DB rows 45 < 50).
+		{
+			ID:               transID,
+			ProceedingTypeID: procIDPtr,
+			ParentID:         &oralID,
+			SubmissionCode:   &transCode,
+			Name:             "Antrag auf Simultanübersetzung",
+			NameEN:           "Translation request",
+			PrimaryParty:     str("both"),
+			DurationValue:    1,
+			DurationUnit:     "months",
+			Timing:           str("before"),
+			SequenceOrder:    45,
+			IsCourtSet:       false,
+			IsActive:         true,
+			LifecycleState:   "published",
+			Priority:         "optional",
+		},
+		// Interpreter cost notice: sequence_order BEFORE the oral hearing.
+		{
+			ID:               interpID,
+			ProceedingTypeID: procIDPtr,
+			ParentID:         &oralID,
+			SubmissionCode:   &interpCode,
+			Name:             "Mitteilung Dolmetscherkosten",
+			NameEN:           "Interpreter cost notice",
+			PrimaryParty:     str("court"),
+			DurationValue:    2,
+			DurationUnit:     "weeks",
+			Timing:           str("before"),
+			SequenceOrder:    46,
+			IsCourtSet:       false,
+			IsActive:         true,
+			LifecycleState:   "published",
+			Priority:         "mandatory",
+		},
+		// Oral hearing: court-set, no calculable date. Listed AFTER its
+		// "before"-timed children in sequence_order.
+		{
+			ID:               oralID,
+			ProceedingTypeID: procIDPtr,
+			ParentID:         nil,
+			SubmissionCode:   &oralCode,
+			Name:             "Mündliche Verhandlung",
+			NameEN:           "Oral hearing",
+			PrimaryParty:     str("court"),
+			DurationValue:    0,
+			DurationUnit:     "months",
+			Timing:           str("after"),
+			SequenceOrder:    50,
+			IsCourtSet:       true,
+			IsActive:         true,
+			LifecycleState:   "published",
+			Priority:         "mandatory",
+		},
+	}
+
+	cat := &stubCatalog{pt: pt, rules: rules}
+
+	timeline, err := Calculate(ctx, "upc.inf.cfi", "2026-05-26", CalcOptions{}, cat, noOpHolidays{}, fixedCourts{})
+	if err != nil {
+		t.Fatalf("Calculate: %v", err)
+	}
+
+	byCode := make(map[string]TimelineEntry, len(timeline.Deadlines))
+	for _, d := range timeline.Deadlines {
+		byCode[d.Code] = d
+	}
+
+	// The trigger event itself is unambiguous.
+	if got := byCode[socCode]; got.DueDate != "2026-05-26" || !got.IsRootEvent {
+		t.Errorf("SoC: DueDate=%q IsRootEvent=%v, want 2026-05-26 + IsRootEvent=true", got.DueDate, got.IsRootEvent)
+	}
+
+	// Oral hearing must surface as IsCourtSet (no date).
+	oral := byCode[oralCode]
+	if oral.DueDate != "" || !oral.IsCourtSet {
+		t.Errorf("oral: DueDate=%q IsCourtSet=%v, want empty + IsCourtSet=true", oral.DueDate, oral.IsCourtSet)
+	}
+
+	// The two "before" children of the court-set oral hearing MUST surface
+	// as conditional rows (no date, no fabricated arithmetic off the
+	// trigger date). The buggy behaviour produces 2026-04-27 and 2026-05-12.
+	trans := byCode[transCode]
+	if trans.DueDate != "" {
+		t.Errorf("translation_request: DueDate=%q, want empty (parent oral is court-set, no anchor known yet)", trans.DueDate)
+	}
+	if !trans.IsConditional && !trans.IsCourtSet {
+		t.Errorf("translation_request: IsConditional=%v IsCourtSet=%v, want at least one true", trans.IsConditional, trans.IsCourtSet)
+	}
+
+	interp := byCode[interpCode]
+	if interp.DueDate != "" {
+		t.Errorf("interpreter_cost: DueDate=%q, want empty (parent oral is court-set, no anchor known yet)", interp.DueDate)
+	}
+	if !interp.IsConditional && !interp.IsCourtSet {
+		t.Errorf("interpreter_cost: IsConditional=%v IsCourtSet=%v, want at least one true", interp.IsConditional, interp.IsCourtSet)
+	}
+}
+
+// TestCalculate_BeforeChildOfCourtSetParent_WithOverride pins the
+// override semantics: when the user supplies an anchor override for
+// the court-set parent, the "before" children should compute against
+// that override date instead of remaining conditional.
+func TestCalculate_BeforeChildOfCourtSetParent_WithOverride(t *testing.T) {
+	ctx := context.Background()
+
+	jurisdiction := "UPC"
+	procID := 1
+	pt := ProceedingType{
+		ID:           procID,
+		Code:         "upc.inf.cfi",
+		Name:         "Verletzungsverfahren",
+		Jurisdiction: &jurisdiction,
+		IsActive:     true,
+	}
+
+	mkID := func() uuid.UUID {
+		id, _ := uuid.NewRandom()
+		return id
+	}
+	str := func(s string) *string { return &s }
+	procIDPtr := &procID
+
+	socID := mkID()
+	oralID := mkID()
+	transID := mkID()
+
+	socCode := "upc.inf.cfi.soc"
+	oralCode := "upc.inf.cfi.oral"
+	transCode := "upc.inf.cfi.translation_request"
+
+	rules := []Rule{
+		{
+			ID: socID, ProceedingTypeID: procIDPtr, ParentID: nil,
+			SubmissionCode: &socCode, Name: "Klageerhebung", NameEN: "SoC",
+			PrimaryParty: str("claimant"), DurationValue: 0, DurationUnit: "months", Timing: str("after"),
+			SequenceOrder: 0, IsActive: true, LifecycleState: "published", Priority: "mandatory",
+		},
+		{
+			ID: transID, ProceedingTypeID: procIDPtr, ParentID: &oralID,
+			SubmissionCode: &transCode, Name: "Antrag auf Simultanübersetzung", NameEN: "Translation request",
+			PrimaryParty: str("both"), DurationValue: 1, DurationUnit: "months", Timing: str("before"),
+			SequenceOrder: 45, IsActive: true, LifecycleState: "published", Priority: "optional",
+		},
+		{
+			ID: oralID, ProceedingTypeID: procIDPtr, ParentID: nil,
+			SubmissionCode: &oralCode, Name: "Mündliche Verhandlung", NameEN: "Oral hearing",
+			PrimaryParty: str("court"), DurationValue: 0, DurationUnit: "months", Timing: str("after"),
+			SequenceOrder: 50, IsCourtSet: true, IsActive: true, LifecycleState: "published", Priority: "mandatory",
+		},
+	}
+
+	cat := &stubCatalog{pt: pt, rules: rules}
+
+	// User pins the oral hearing to 2026-10-15.
+	opts := CalcOptions{
+		AnchorOverrides: map[string]string{
+			oralCode: "2026-10-15",
+		},
+	}
+	timeline, err := Calculate(ctx, "upc.inf.cfi", "2026-05-26", opts, cat, noOpHolidays{}, fixedCourts{})
+	if err != nil {
+		t.Fatalf("Calculate: %v", err)
+	}
+
+	byCode := make(map[string]TimelineEntry, len(timeline.Deadlines))
+	for _, d := range timeline.Deadlines {
+		byCode[d.Code] = d
+	}
+
+	if got := byCode[oralCode].DueDate; got != "2026-10-15" {
+		t.Errorf("oral: DueDate=%q, want 2026-10-15 (user override)", got)
+	}
+
+	// 1 month before 2026-10-15 = 2026-09-15
+	if got := byCode[transCode].DueDate; got != "2026-09-15" {
+		t.Errorf("translation_request: DueDate=%q, want 2026-09-15 (1 month before oral override)", got)
+	}
+}

pkg/litigationplanner/catalog.go

@@ -1,6 +1,10 @@
 package litigationplanner
 
-import "context"
+import (
+	"context"
+
+	"github.com/google/uuid"
+)
 
 // Catalog supplies proceeding-type metadata + rules for the calculator.
 //
@@ -59,4 +63,17 @@ type Catalog interface {
 	// (proceeding_type_id, sequence_order) so the frontend can render
 	// without re-sorting.
 	LookupEvents(ctx context.Context, axes EventLookupAxes, depth EventLookupDepth) ([]EventMatch, error)
+
+	// LoadScenarios lists scenarios visible to the caller, narrowed by
+	// the filter (Slice D, m/paliad#124 §5). Returns an empty slice
+	// (NOT an error) when no scenarios match. paliad-side impl applies
+	// RLS (paliad.can_see_project for project-scoped, created_by for
+	// abstract); snapshot-backed catalogs return an empty list.
+	LoadScenarios(ctx context.Context, filter ScenarioFilter) ([]Scenario, error)
+
+	// MatchScenario returns the scenario with the given id, or
+	// ErrUnknownScenario if not found / not visible. The engine adapter
+	// (CalculateFromScenario) calls this to fetch a scenario by id and
+	// then unpacks its spec via ParseSpec.
+	MatchScenario(ctx context.Context, id uuid.UUID) (*Scenario, error)
 }

pkg/litigationplanner/embedded/upc/courts.go

@@ -0,0 +1,66 @@
+package upc
+
+import (
+	"fmt"
+
+	lp "mgit.msbls.de/m/paliad/pkg/litigationplanner"
+)
+
+// SnapshotCourt is the embedded court row shape. Mirrors paliad.courts.
+type SnapshotCourt struct {
+	ID        string  `json:"id"`
+	Code      string  `json:"code"`
+	NameDE    string  `json:"name_de"`
+	NameEN    string  `json:"name_en"`
+	Country   string  `json:"country"`
+	Regime    *string `json:"regime,omitempty"`
+	CourtType string  `json:"court_type"`
+	ParentID  *string `json:"parent_id,omitempty"`
+	SortOrder int     `json:"sort_order"`
+}
+
+// SnapshotCourtRegistry serves CourtRegistry against the embedded
+// court slice. UPC subset only (DE / EPA / DPMA courts are NOT in
+// the snapshot — youpc.org has no need for them, and a request for
+// a non-UPC court id falls through to default country/regime per the
+// CountryRegime contract).
+type SnapshotCourtRegistry struct {
+	byID map[string]SnapshotCourt
+}
+
+// NewCourtRegistry parses the embedded courts.json and returns a
+// ready-to-use registry.
+func NewCourtRegistry() (*SnapshotCourtRegistry, error) {
+	var courts []SnapshotCourt
+	if err := readJSON("courts.json", &courts); err != nil {
+		return nil, err
+	}
+	r := &SnapshotCourtRegistry{byID: make(map[string]SnapshotCourt, len(courts))}
+	for _, c := range courts {
+		r.byID[c.ID] = c
+	}
+	return r, nil
+}
+
+// CountryRegime resolves a court ID to its (country, regime) tuple.
+// Empty courtID falls back to (defaultCountry, defaultRegime) per the
+// interface contract. ErrUnknownCourt-equivalent (a plain error here)
+// when courtID is non-empty but absent from the snapshot.
+func (r *SnapshotCourtRegistry) CountryRegime(courtID, defaultCountry, defaultRegime string) (country, regime string, err error) {
+	if courtID == "" {
+		return defaultCountry, defaultRegime, nil
+	}
+	c, ok := r.byID[courtID]
+	if !ok {
+		return "", "", fmt.Errorf("upc snapshot: unknown court id %q", courtID)
+	}
+	reg := ""
+	if c.Regime != nil {
+		reg = *c.Regime
+	}
+	return c.Country, reg, nil
+}
+
+// Compile-time assertion that SnapshotCourtRegistry satisfies
+// lp.CourtRegistry.
+var _ lp.CourtRegistry = (*SnapshotCourtRegistry)(nil)

pkg/litigationplanner/embedded/upc/courts.json

@@ -0,0 +1,22 @@
+[
+  {
+    "id": "upc-ld-munich",
+    "code": "upc-ld-munich",
+    "name_de": "UPC Lokalkammer München",
+    "name_en": "UPC Local Division Munich",
+    "country": "DE",
+    "regime": "UPC",
+    "court_type": "upc-ld",
+    "sort_order": 10
+  },
+  {
+    "id": "upc-coa",
+    "code": "upc-coa",
+    "name_de": "UPC Berufungsgericht",
+    "name_en": "UPC Court of Appeal",
+    "country": "LU",
+    "regime": "UPC",
+    "court_type": "upc-coa",
+    "sort_order": 100
+  }
+]

pkg/litigationplanner/embedded/upc/embed.go

@@ -0,0 +1,80 @@
+// Package upc provides an embedded, DB-free implementation of the
+// litigationplanner Catalog / HolidayCalendar / CourtRegistry
+// interfaces, populated from a JSON snapshot of paliad's UPC rule
+// corpus.
+//
+// Slice C of the litigation-planner extraction (m/paliad#124 §19).
+//
+// Consumers (today: youpc.org; future: any third-party UPC tool) wire
+// the engine like this:
+//
+//	import (
+//	    lp "mgit.msbls.de/m/paliad/pkg/litigationplanner"
+//	    upc "mgit.msbls.de/m/paliad/pkg/litigationplanner/embedded/upc"
+//	)
+//
+//	cat, _ := upc.NewCatalog()
+//	hc, _  := upc.NewHolidayCalendar()
+//	cr, _  := upc.NewCourtRegistry()
+//
+//	timeline, err := lp.Calculate(ctx, "upc.inf.cfi", "2026-05-26",
+//	    lp.CalcOptions{}, cat, hc, cr)
+//
+// Regenerating the snapshot: see cmd/gen-upc-snapshot/README.md.
+//
+//go:generate sh -c "echo 'snapshot is regenerated via the gen-upc-snapshot binary — see cmd/gen-upc-snapshot/README.md'"
+package upc
+
+import (
+	"embed"
+	"encoding/json"
+	"fmt"
+	"time"
+)
+
+// rawFS holds the snapshot JSON files. The data files are produced by
+// cmd/gen-upc-snapshot from a paliad live DB.
+//
+//go:embed *.json
+var rawFS embed.FS
+
+// Meta is the version block from meta.json.
+type Meta struct {
+	Version           string    `json:"version"`
+	GeneratedAt       time.Time `json:"generated_at"`
+	PaliadCommit      string    `json:"paliad_commit,omitempty"`
+	SourceDBLabel     string    `json:"source_db_label,omitempty"`
+	RuleCount         int       `json:"rule_count"`
+	ProceedingCount   int       `json:"proceeding_count"`
+	TriggerEventCount int       `json:"trigger_event_count"`
+	HolidayCount      int       `json:"holiday_count"`
+	CourtCount        int       `json:"court_count"`
+}
+
+// LoadMeta parses meta.json from the embedded snapshot. Returns an
+// error when the snapshot hasn't been generated yet (meta.json
+// missing or empty).
+func LoadMeta() (Meta, error) {
+	var m Meta
+	buf, err := rawFS.ReadFile("meta.json")
+	if err != nil {
+		return Meta{}, fmt.Errorf("read meta.json: %w", err)
+	}
+	if err := json.Unmarshal(buf, &m); err != nil {
+		return Meta{}, fmt.Errorf("decode meta.json: %w", err)
+	}
+	return m, nil
+}
+
+// readJSON is a tiny helper that decodes one of the embedded files
+// into a destination value.
+func readJSON(name string, dst any) error {
+	buf, err := rawFS.ReadFile(name)
+	if err != nil {
+		return fmt.Errorf("read %s: %w", name, err)
+	}
+	if err := json.Unmarshal(buf, dst); err != nil {
+		return fmt.Errorf("decode %s: %w", name, err)
+	}
+	return nil
+}

pkg/litigationplanner/embedded/upc/holidays.go

@@ -0,0 +1,216 @@
+package upc
+
+import (
+	"time"
+
+	lp "mgit.msbls.de/m/paliad/pkg/litigationplanner"
+)
+
+// SnapshotHoliday is the embedded holiday row shape. Mirrors
+// paliad.holidays + the generator's output. Country and Regime are
+// optional pointers — at least one of them is non-empty on every
+// row (matches paliad's CHECK).
+type SnapshotHoliday struct {
+	Date        string  `json:"date"` // YYYY-MM-DD
+	Name        string  `json:"name"`
+	Country     *string `json:"country,omitempty"`
+	Regime      *string `json:"regime,omitempty"`
+	State       *string `json:"state,omitempty"`
+	HolidayType string  `json:"holiday_type"`
+}
+
+func (h SnapshotHoliday) appliesTo(country, regime string) bool {
+	if h.Country != nil && country != "" && *h.Country == country {
+		return true
+	}
+	if h.Regime != nil && regime != "" && *h.Regime == regime {
+		return true
+	}
+	return false
+}
+
+func (h SnapshotHoliday) isVacation() bool { return h.HolidayType == "vacation" }
+func (h SnapshotHoliday) isClosure() bool  { return h.HolidayType == "closure" }
+
+// SnapshotHolidayCalendar serves HolidayCalendar against the embedded
+// holiday slice. The semantics mirror paliad's HolidayService:
+//
+//   - IsNonWorkingDay = weekend OR a closure/vacation row matching
+//     the (country, regime) pair
+//   - AdjustForNonWorkingDays = walk forward day-by-day until
+//     IsNonWorkingDay returns false (bounded at 60 iters)
+//   - AdjustForNonWorkingDaysBackward = same but stepping -1 day
+//   - AdjustForNonWorkingDaysWithReason = forward walk + structured
+//     reason payload (vacation > public_holiday > weekend)
+type SnapshotHolidayCalendar struct {
+	byDate map[string][]SnapshotHoliday // keyed by YYYY-MM-DD
+}
+
+// NewHolidayCalendar parses the embedded holidays.json and returns a
+// ready-to-use calendar.
+func NewHolidayCalendar() (*SnapshotHolidayCalendar, error) {
+	var holidays []SnapshotHoliday
+	if err := readJSON("holidays.json", &holidays); err != nil {
+		return nil, err
+	}
+	cal := &SnapshotHolidayCalendar{byDate: make(map[string][]SnapshotHoliday, len(holidays))}
+	for _, h := range holidays {
+		cal.byDate[h.Date] = append(cal.byDate[h.Date], h)
+	}
+	return cal, nil
+}
+
+// IsNonWorkingDay returns true on weekends or closure/vacation
+// holidays applicable to the given country/regime.
+func (c *SnapshotHolidayCalendar) IsNonWorkingDay(date time.Time, country, regime string) bool {
+	if wd := date.Weekday(); wd == time.Saturday || wd == time.Sunday {
+		return true
+	}
+	key := date.Format("2006-01-02")
+	for _, h := range c.byDate[key] {
+		if !h.appliesTo(country, regime) {
+			continue
+		}
+		if h.isClosure() || h.isVacation() {
+			return true
+		}
+	}
+	return false
+}
+
+func (c *SnapshotHolidayCalendar) holidayMatch(date time.Time, country, regime string) *SnapshotHoliday {
+	key := date.Format("2006-01-02")
+	for _, h := range c.byDate[key] {
+		if !h.appliesTo(country, regime) {
+			continue
+		}
+		hh := h
+		return &hh
+	}
+	return nil
+}
+
+// AdjustForNonWorkingDays walks forward until the date lands on a
+// working day. Bound = 60 iters (same as paliad — generous safety
+// margin past any vacation run).
+func (c *SnapshotHolidayCalendar) AdjustForNonWorkingDays(date time.Time, country, regime string) (adjusted, original time.Time, wasAdjusted bool) {
+	original = date
+	adjusted = date
+	for i := 0; i < 60 && c.IsNonWorkingDay(adjusted, country, regime); i++ {
+		adjusted = adjusted.AddDate(0, 0, 1)
+		wasAdjusted = true
+	}
+	return adjusted, original, wasAdjusted
+}
+
+// AdjustForNonWorkingDaysBackward walks backward until the date lands
+// on a working day. Same bound.
+func (c *SnapshotHolidayCalendar) AdjustForNonWorkingDaysBackward(date time.Time, country, regime string) (adjusted, original time.Time, wasAdjusted bool) {
+	original = date
+	adjusted = date
+	for i := 0; i < 60 && c.IsNonWorkingDay(adjusted, country, regime); i++ {
+		adjusted = adjusted.AddDate(0, 0, -1)
+		wasAdjusted = true
+	}
+	return adjusted, original, wasAdjusted
+}
+
+// AdjustForNonWorkingDaysWithReason is the structured-explanation
+// counterpart to AdjustForNonWorkingDays. Reason kind precedence
+// (longest cause wins): vacation > public_holiday > weekend. Reason
+// is nil when wasAdjusted is false.
+func (c *SnapshotHolidayCalendar) AdjustForNonWorkingDaysWithReason(date time.Time, country, regime string) (adjusted, original time.Time, wasAdjusted bool, reason *lp.AdjustmentReason) {
+	original = date
+	adjusted = date
+
+	var holidaysHit []lp.HolidayDTO
+	seen := map[string]bool{}
+	var sawWeekend, sawVacation, sawPublicHoliday bool
+	var vacationName string
+
+	for i := 0; i < 60 && c.IsNonWorkingDay(adjusted, country, regime); i++ {
+		if wd := adjusted.Weekday(); wd == time.Saturday || wd == time.Sunday {
+			sawWeekend = true
+		}
+		if h := c.holidayMatch(adjusted, country, regime); h != nil {
+			if h.isVacation() {
+				sawVacation = true
+				if vacationName == "" {
+					vacationName = h.Name
+				}
+			} else if h.isClosure() {
+				sawPublicHoliday = true
+			}
+			key := h.Date + "|" + h.Name
+			if !seen[key] {
+				holidaysHit = append(holidaysHit, lp.HolidayDTO{
+					Date:       h.Date,
+					Name:       h.Name,
+					IsVacation: h.isVacation(),
+					IsClosure:  h.isClosure(),
+				})
+				seen[key] = true
+			}
+		}
+		adjusted = adjusted.AddDate(0, 0, 1)
+		wasAdjusted = true
+	}
+	if !wasAdjusted {
+		return adjusted, original, false, nil
+	}
+	r := &lp.AdjustmentReason{Holidays: holidaysHit}
+	switch {
+	case sawVacation:
+		r.Kind = "vacation"
+		r.VacationName = vacationName
+		if vs, ve, ok := c.findVacationBlock(original, country, regime); ok {
+			r.VacationStart = vs.Format("2006-01-02")
+			r.VacationEnd = ve.Format("2006-01-02")
+		}
+	case sawPublicHoliday:
+		r.Kind = "public_holiday"
+	default:
+		r.Kind = "weekend"
+	}
+	if sawWeekend && r.Kind == "weekend" {
+		r.OriginalWeekday = original.Weekday().String()
+	}
+	return adjusted, original, true, r
+}
+
+// findVacationBlock scans outward from date through non-working days
+// to locate the first/last IsVacation entries. Weekends inside the
+// run are traversed but don't extend the reported span — start/end
+// are always real vacation entries.
+func (c *SnapshotHolidayCalendar) findVacationBlock(date time.Time, country, regime string) (start, end time.Time, ok bool) {
+	cur := date
+	for i := 0; i < 60; i++ {
+		if !c.IsNonWorkingDay(cur, country, regime) {
+			break
+		}
+		if h := c.holidayMatch(cur, country, regime); h != nil && h.isVacation() {
+			start = cur
+			ok = true
+			break
+		}
+		cur = cur.AddDate(0, 0, -1)
+	}
+	if !ok {
+		return
+	}
+	cur = date
+	for i := 0; i < 60; i++ {
+		if !c.IsNonWorkingDay(cur, country, regime) {
+			break
+		}
+		if h := c.holidayMatch(cur, country, regime); h != nil && h.isVacation() {
+			end = cur
+		}
+		cur = cur.AddDate(0, 0, 1)
+	}
+	return start, end, true
+}
+
+// Compile-time assertion that SnapshotHolidayCalendar satisfies
+// lp.HolidayCalendar.
+var _ lp.HolidayCalendar = (*SnapshotHolidayCalendar)(nil)

pkg/litigationplanner/embedded/upc/holidays.json

@@ -0,0 +1,32 @@
+[
+  {
+    "date": "2026-01-01",
+    "name": "Neujahr",
+    "country": "DE",
+    "holiday_type": "closure"
+  },
+  {
+    "date": "2026-05-01",
+    "name": "Tag der Arbeit",
+    "country": "DE",
+    "holiday_type": "closure"
+  },
+  {
+    "date": "2026-08-24",
+    "name": "UPC Sommerpause",
+    "regime": "UPC",
+    "holiday_type": "vacation"
+  },
+  {
+    "date": "2026-08-25",
+    "name": "UPC Sommerpause",
+    "regime": "UPC",
+    "holiday_type": "vacation"
+  },
+  {
+    "date": "2026-08-26",
+    "name": "UPC Sommerpause",
+    "regime": "UPC",
+    "holiday_type": "vacation"
+  }
+]

pkg/litigationplanner/embedded/upc/meta.json

@@ -0,0 +1,11 @@
+{
+  "version": "2026-05-26-1-placeholder",
+  "generated_at": "2026-05-26T15:00:00Z",
+  "paliad_commit": "",
+  "source_db_label": "placeholder — operator must run `make snapshot-upc` against prod once mig 134/135 are applied",
+  "rule_count": 2,
+  "proceeding_count": 2,
+  "trigger_event_count": 0,
+  "holiday_count": 5,
+  "court_count": 2
+}

pkg/litigationplanner/embedded/upc/proceeding_types.json

@@ -0,0 +1,32 @@
+[
+  {
+    "id": 8,
+    "code": "upc.inf.cfi",
+    "name": "Verletzungsverfahren",
+    "name_en": "Infringement Action",
+    "description": "UPC infringement proceedings at first instance.",
+    "jurisdiction": "UPC",
+    "category": "fristenrechner",
+    "default_color": "#3b82f6",
+    "sort_order": 10,
+    "is_active": true,
+    "trigger_event_label_de": null,
+    "trigger_event_label_en": null,
+    "appeal_target": null
+  },
+  {
+    "id": 9,
+    "code": "upc.rev.cfi",
+    "name": "Nichtigkeitsverfahren",
+    "name_en": "Revocation Action",
+    "description": "UPC revocation proceedings at first instance.",
+    "jurisdiction": "UPC",
+    "category": "fristenrechner",
+    "default_color": "#f59e0b",
+    "sort_order": 20,
+    "is_active": true,
+    "trigger_event_label_de": null,
+    "trigger_event_label_en": null,
+    "appeal_target": null
+  }
+]

pkg/litigationplanner/embedded/upc/rules.json

@@ -0,0 +1,43 @@
+[
+  {
+    "id": "11111111-1111-1111-1111-111111111111",
+    "proceeding_type_id": 8,
+    "submission_code": "upc.inf.cfi.soc",
+    "name": "Klageerhebung",
+    "name_en": "Statement of Claim",
+    "duration_value": 0,
+    "duration_unit": "months",
+    "sequence_order": 1,
+    "is_spawn": false,
+    "is_active": true,
+    "created_at": "2026-01-01T00:00:00Z",
+    "updated_at": "2026-01-01T00:00:00Z",
+    "priority": "mandatory",
+    "is_court_set": false,
+    "is_bilateral": false,
+    "lifecycle_state": "published"
+  },
+  {
+    "id": "22222222-2222-2222-2222-222222222222",
+    "proceeding_type_id": 8,
+    "parent_id": "11111111-1111-1111-1111-111111111111",
+    "submission_code": "upc.inf.cfi.sod",
+    "name": "Klageerwiderung",
+    "name_en": "Statement of Defence",
+    "primary_party": "defendant",
+    "duration_value": 3,
+    "duration_unit": "months",
+    "timing": "after",
+    "rule_code": "UPC.RoP.23.1",
+    "legal_source": "UPC.RoP.23.1",
+    "sequence_order": 2,
+    "is_spawn": false,
+    "is_active": true,
+    "created_at": "2026-01-01T00:00:00Z",
+    "updated_at": "2026-01-01T00:00:00Z",
+    "priority": "mandatory",
+    "is_court_set": false,
+    "is_bilateral": false,
+    "lifecycle_state": "published"
+  }
+]

pkg/litigationplanner/embedded/upc/snapshot.go

@@ -0,0 +1,315 @@
+package upc
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/google/uuid"
+
+	lp "mgit.msbls.de/m/paliad/pkg/litigationplanner"
+)
+
+// SnapshotCatalog is the embedded-JSON implementation of lp.Catalog.
+// All lookups are O(1) on indexed in-memory maps; LookupEvents does a
+// linear scan of the rule slice (< 100 rows in the UPC corpus, no
+// index needed).
+//
+// ProjectHint is ignored — the snapshot has no project-scoped rules.
+// applies_to_target (B1) and condition_expr (Phase 2) ride along on
+// each Rule as ordinary fields; the engine consumes them identically
+// whether the catalog is paliad-backed or snapshot-backed.
+type SnapshotCatalog struct {
+	procs         []lp.ProceedingType
+	rules         []lp.Rule
+	triggerByID   map[int64]lp.TriggerEvent
+	rulesByProc   map[int][]lp.Rule
+	ruleByID      map[uuid.UUID]lp.Rule
+	procByID      map[int]lp.ProceedingType
+	procByCode    map[string]lp.ProceedingType
+	rulesByTriggr map[int64][]lp.Rule
+}
+
+// NewCatalog parses the embedded snapshot and returns a ready-to-use
+// Catalog. Returns an error when the JSON is missing or malformed
+// (e.g. snapshot never generated, or stale relative to the package
+// types).
+func NewCatalog() (*SnapshotCatalog, error) {
+	var procs []lp.ProceedingType
+	if err := readJSON("proceeding_types.json", &procs); err != nil {
+		return nil, err
+	}
+	var rules []lp.Rule
+	if err := readJSON("rules.json", &rules); err != nil {
+		return nil, err
+	}
+	var triggers []lp.TriggerEvent
+	if err := readJSON("trigger_events.json", &triggers); err != nil {
+		return nil, err
+	}
+
+	c := &SnapshotCatalog{
+		procs:         procs,
+		rules:         rules,
+		triggerByID:   make(map[int64]lp.TriggerEvent, len(triggers)),
+		rulesByProc:   make(map[int][]lp.Rule),
+		ruleByID:      make(map[uuid.UUID]lp.Rule, len(rules)),
+		procByID:      make(map[int]lp.ProceedingType, len(procs)),
+		procByCode:    make(map[string]lp.ProceedingType, len(procs)),
+		rulesByTriggr: make(map[int64][]lp.Rule),
+	}
+	for _, p := range procs {
+		c.procByID[p.ID] = p
+		c.procByCode[p.Code] = p
+	}
+	for _, r := range rules {
+		c.ruleByID[r.ID] = r
+		if r.ProceedingTypeID != nil {
+			c.rulesByProc[*r.ProceedingTypeID] = append(c.rulesByProc[*r.ProceedingTypeID], r)
+		}
+		if r.TriggerEventID != nil {
+			c.rulesByTriggr[*r.TriggerEventID] = append(c.rulesByTriggr[*r.TriggerEventID], r)
+		}
+	}
+	for _, t := range triggers {
+		c.triggerByID[t.ID] = t
+	}
+	return c, nil
+}
+
+// LoadProceeding returns the proceeding-type metadata + rules. The
+// ProjectHint is ignored on the snapshot side (no projects).
+func (c *SnapshotCatalog) LoadProceeding(_ context.Context, code string, _ lp.ProjectHint) (*lp.ProceedingType, []lp.Rule, error) {
+	p, ok := c.procByCode[code]
+	if !ok {
+		return nil, nil, lp.ErrUnknownProceedingType
+	}
+	// Return a defensive copy of the rule slice so callers can sort /
+	// mutate without leaking back into the cache.
+	src := c.rulesByProc[p.ID]
+	dst := make([]lp.Rule, len(src))
+	copy(dst, src)
+	return &p, dst, nil
+}
+
+// LoadProceedingByID is the resolver used by CalculateRule.
+func (c *SnapshotCatalog) LoadProceedingByID(_ context.Context, id int) (*lp.ProceedingType, error) {
+	p, ok := c.procByID[id]
+	if !ok {
+		return nil, lp.ErrUnknownProceedingType
+	}
+	return &p, nil
+}
+
+// LoadRuleByID resolves a rule UUID to the rule row.
+func (c *SnapshotCatalog) LoadRuleByID(_ context.Context, ruleID string) (*lp.Rule, error) {
+	id, err := uuid.Parse(ruleID)
+	if err != nil {
+		return nil, lp.ErrUnknownRule
+	}
+	r, ok := c.ruleByID[id]
+	if !ok {
+		return nil, lp.ErrUnknownRule
+	}
+	return &r, nil
+}
+
+// LoadRuleByCode resolves a rule by (proceedingCode, submissionCode).
+func (c *SnapshotCatalog) LoadRuleByCode(_ context.Context, proceedingCode, submissionCode string) (*lp.Rule, *lp.ProceedingType, error) {
+	p, ok := c.procByCode[proceedingCode]
+	if !ok {
+		return nil, nil, lp.ErrUnknownProceedingType
+	}
+	for _, r := range c.rulesByProc[p.ID] {
+		if r.SubmissionCode != nil && *r.SubmissionCode == submissionCode {
+			rr := r
+			pp := p
+			return &rr, &pp, nil
+		}
+	}
+	return nil, nil, lp.ErrUnknownRule
+}
+
+// LoadRulesByTriggerEvent lists Pipeline-C trigger-event-rooted rules.
+func (c *SnapshotCatalog) LoadRulesByTriggerEvent(_ context.Context, triggerEventID int64) ([]lp.Rule, error) {
+	src := c.rulesByTriggr[triggerEventID]
+	dst := make([]lp.Rule, len(src))
+	copy(dst, src)
+	return dst, nil
+}
+
+// LoadTriggerEventsByIDs returns trigger-event rows for the given IDs.
+func (c *SnapshotCatalog) LoadTriggerEventsByIDs(_ context.Context, ids []int64) (map[int64]lp.TriggerEvent, error) {
+	out := make(map[int64]lp.TriggerEvent, len(ids))
+	for _, id := range ids {
+		if t, ok := c.triggerByID[id]; ok {
+			out[id] = t
+		}
+	}
+	return out, nil
+}
+
+// LookupEvents runs the multi-axis filter + depth walk against the
+// in-memory rule slice. Mirrors the paliad-side semantics: unknown
+// axis values fall through as "no filter on this axis"; anchors are
+// depth=1, walked-in children are depth=2+; results ordered by
+// (proceeding_type_id, sequence_order).
+func (c *SnapshotCatalog) LookupEvents(_ context.Context, axes lp.EventLookupAxes, depth lp.EventLookupDepth) ([]lp.EventMatch, error) {
+	// Validate axes; unknown values reset to empty (no filter).
+	jurisdiction := axes.Jurisdiction
+	if jurisdiction != "" && jurisdiction != "UPC" && jurisdiction != "DE" &&
+		jurisdiction != "EPA" && jurisdiction != "DPMA" {
+		jurisdiction = ""
+	}
+	party := axes.Party
+	if party != "" && !lp.IsValidPrimaryParty(party) {
+		party = ""
+	}
+	appealTarget := axes.AppealTarget
+	if appealTarget != "" && !lp.IsValidAppealTarget(appealTarget) {
+		appealTarget = ""
+	}
+
+	// First pass: find anchor matches (rules that satisfy every
+	// non-zero axis directly).
+	anchors := make(map[uuid.UUID]bool, len(c.rules))
+	for _, r := range c.rules {
+		if r.ProceedingTypeID == nil {
+			continue
+		}
+		p := c.procByID[*r.ProceedingTypeID]
+		if jurisdiction != "" && (p.Jurisdiction == nil || *p.Jurisdiction != jurisdiction) {
+			continue
+		}
+		if axes.ProceedingTypeID != nil && *r.ProceedingTypeID != *axes.ProceedingTypeID {
+			continue
+		}
+		if party != "" && (r.PrimaryParty == nil || *r.PrimaryParty != party) {
+			continue
+		}
+		// EventCategoryID axis: the embedded snapshot doesn't carry
+		// the deadline_concept_event_types junction (only paliad has
+		// it). When EventCategoryID is set, we conservatively return
+		// no matches — youpc.org doesn't use this axis today. Future
+		// snapshot generations can add a concept→category index if
+		// needed.
+		if axes.EventCategoryID != nil {
+			continue
+		}
+		if appealTarget != "" {
+			found := false
+			for _, t := range r.AppliesToTarget {
+				if t == appealTarget {
+					found = true
+					break
+				}
+			}
+			if !found {
+				continue
+			}
+		}
+		anchors[r.ID] = true
+	}
+
+	// Second pass: depth walk. Expand anchors → their immediate
+	// children (parent_id ∈ matched). Iterate to fixpoint for
+	// EventLookupDepthAllFollowing; stop after one pass for
+	// EventLookupDepthNext.
+	matched := make(map[uuid.UUID]bool, len(anchors))
+	for id := range anchors {
+		matched[id] = true
+	}
+	if depth == lp.EventLookupDepthNext || depth == lp.EventLookupDepthAllFollowing {
+		for {
+			grew := false
+			for _, r := range c.rules {
+				if matched[r.ID] {
+					continue
+				}
+				if r.ParentID == nil {
+					continue
+				}
+				if matched[*r.ParentID] {
+					matched[r.ID] = true
+					grew = true
+				}
+			}
+			if !grew || depth == lp.EventLookupDepthNext {
+				break
+			}
+		}
+	}
+
+	// Compute depth from anchor: walk parent_id chain until we hit
+	// an anchor.
+	depths := make(map[uuid.UUID]int, len(matched))
+	for id := range matched {
+		if anchors[id] {
+			depths[id] = 1
+			continue
+		}
+		// Walk up.
+		d := 1
+		cur := id
+		maxIter := len(matched) + 1
+		for i := 0; i < maxIter; i++ {
+			r, ok := c.ruleByID[cur]
+			if !ok || r.ParentID == nil {
+				break
+			}
+			d++
+			cur = *r.ParentID
+			if anchors[cur] {
+				break
+			}
+		}
+		depths[id] = d
+	}
+
+	// Compose output, ordered by (proceeding_type_id, sequence_order)
+	// via the catalog's rule slice ordering.
+	out := make([]lp.EventMatch, 0, len(matched))
+	for _, r := range c.rules {
+		if !matched[r.ID] {
+			continue
+		}
+		var parentRuleID *uuid.UUID
+		if r.ParentID != nil && matched[*r.ParentID] {
+			p := *r.ParentID
+			parentRuleID = &p
+		}
+		proc := lp.ProceedingType{}
+		if r.ProceedingTypeID != nil {
+			proc = c.procByID[*r.ProceedingTypeID]
+		}
+		out = append(out, lp.EventMatch{
+			Rule:            r,
+			ProceedingType:  proc,
+			Priority:        r.Priority,
+			DepthFromAnchor: depths[r.ID],
+			ParentRuleID:    parentRuleID,
+		})
+	}
+	return out, nil
+}
+
+// LoadScenarios returns an empty slice. The snapshot catalog has no
+// scenarios — youpc.org (the consumer today) doesn't carry a project /
+// user model. Future snapshot variants could ship demo scenarios, but
+// v1 returns nothing.
+func (c *SnapshotCatalog) LoadScenarios(_ context.Context, _ lp.ScenarioFilter) ([]lp.Scenario, error) {
+	return []lp.Scenario{}, nil
+}
+
+// MatchScenario always returns ErrUnknownScenario — the snapshot has
+// no scenarios to match against.
+func (c *SnapshotCatalog) MatchScenario(_ context.Context, _ uuid.UUID) (*lp.Scenario, error) {
+	return nil, lp.ErrUnknownScenario
+}
+
+// Compile-time assertion that SnapshotCatalog satisfies lp.Catalog.
+var _ lp.Catalog = (*SnapshotCatalog)(nil)
+
+// ErrSnapshotEmpty is returned by NewCatalog when the embedded files
+// parse but the corpus is empty (zero proceedings) — almost always a
+// sign that the snapshot has never been generated.
+var ErrSnapshotEmpty = fmt.Errorf("upc snapshot is empty — run cmd/gen-upc-snapshot")

pkg/litigationplanner/embedded/upc/snapshot_test.go

@@ -0,0 +1,215 @@
+package upc
+
+import (
+	"context"
+	"testing"
+	"time"
+
+	lp "mgit.msbls.de/m/paliad/pkg/litigationplanner"
+)
+
+// TestSnapshotMeta loads + parses meta.json and asserts the version
+// + non-zero counts. Until the operator regenerates the snapshot the
+// placeholder shipped with Slice C must still parse cleanly.
+func TestSnapshotMeta(t *testing.T) {
+	meta, err := LoadMeta()
+	if err != nil {
+		t.Fatalf("LoadMeta: %v", err)
+	}
+	if meta.Version == "" {
+		t.Error("meta.Version is empty")
+	}
+	if meta.ProceedingCount <= 0 {
+		t.Errorf("meta.ProceedingCount = %d, want > 0", meta.ProceedingCount)
+	}
+	if meta.RuleCount <= 0 {
+		t.Errorf("meta.RuleCount = %d, want > 0", meta.RuleCount)
+	}
+}
+
+// TestSnapshotCatalog smoke-tests the embedded catalog's lookups
+// against the shipped placeholder. After operator regeneration the
+// asserts on per-row content still hold because they pin the wire
+// shape (proceedingType.Code, rule resolution by code, lookup-events
+// jurisdiction filter).
+func TestSnapshotCatalog(t *testing.T) {
+	cat, err := NewCatalog()
+	if err != nil {
+		t.Fatalf("NewCatalog: %v", err)
+	}
+	ctx := context.Background()
+
+	t.Run("LoadProceeding upc.inf.cfi", func(t *testing.T) {
+		pt, rules, err := cat.LoadProceeding(ctx, "upc.inf.cfi", lp.ProjectHint{})
+		if err != nil {
+			t.Fatalf("LoadProceeding: %v", err)
+		}
+		if pt.Code != "upc.inf.cfi" {
+			t.Errorf("pt.Code = %q, want upc.inf.cfi", pt.Code)
+		}
+		if pt.Jurisdiction == nil || *pt.Jurisdiction != "UPC" {
+			t.Errorf("pt.Jurisdiction = %v, want UPC", pt.Jurisdiction)
+		}
+		if len(rules) == 0 {
+			t.Error("LoadProceeding returned zero rules — snapshot empty?")
+		}
+	})
+
+	t.Run("LoadProceeding unknown code returns ErrUnknownProceedingType", func(t *testing.T) {
+		_, _, err := cat.LoadProceeding(ctx, "no.such.code", lp.ProjectHint{})
+		if err != lp.ErrUnknownProceedingType {
+			t.Errorf("got %v, want ErrUnknownProceedingType", err)
+		}
+	})
+
+	t.Run("LookupEvents UPC all-following returns the whole UPC corpus", func(t *testing.T) {
+		matches, err := cat.LookupEvents(ctx, lp.EventLookupAxes{
+			Jurisdiction: "UPC",
+		}, lp.EventLookupDepthAllFollowing)
+		if err != nil {
+			t.Fatalf("LookupEvents: %v", err)
+		}
+		if len(matches) == 0 {
+			t.Fatal("expected non-empty UPC corpus")
+		}
+		for _, m := range matches {
+			if m.ProceedingType.Jurisdiction == nil || *m.ProceedingType.Jurisdiction != "UPC" {
+				t.Errorf("non-UPC row leaked: %v", m.ProceedingType.Code)
+			}
+			if m.DepthFromAnchor < 1 {
+				t.Errorf("depth = %d, want >= 1", m.DepthFromAnchor)
+			}
+		}
+	})
+
+	t.Run("LookupEvents party=defendant scopes anchors", func(t *testing.T) {
+		matches, err := cat.LookupEvents(ctx, lp.EventLookupAxes{
+			Jurisdiction: "UPC",
+			Party:        "defendant",
+		}, lp.EventLookupDepthNext)
+		if err != nil {
+			t.Fatalf("LookupEvents: %v", err)
+		}
+		// Anchor rows (depth=1) must all be defendant.
+		anyDefendant := false
+		for _, m := range matches {
+			if m.DepthFromAnchor != 1 {
+				continue
+			}
+			if m.Rule.PrimaryParty == nil || *m.Rule.PrimaryParty != "defendant" {
+				t.Errorf("anchor row %s is not defendant: %v", m.Rule.Name, m.Rule.PrimaryParty)
+			}
+			anyDefendant = true
+		}
+		if !anyDefendant {
+			t.Log("no defendant rules in the placeholder corpus — operator should regenerate the snapshot")
+		}
+	})
+}
+
+// TestSnapshotEngineCompute runs the litigationplanner engine against
+// the embedded snapshot end-to-end. Ensures the wiring between the
+// snapshot Catalog / HolidayCalendar / CourtRegistry + the engine
+// produces a non-empty timeline.
+func TestSnapshotEngineCompute(t *testing.T) {
+	cat, err := NewCatalog()
+	if err != nil {
+		t.Fatalf("NewCatalog: %v", err)
+	}
+	hc, err := NewHolidayCalendar()
+	if err != nil {
+		t.Fatalf("NewHolidayCalendar: %v", err)
+	}
+	cr, err := NewCourtRegistry()
+	if err != nil {
+		t.Fatalf("NewCourtRegistry: %v", err)
+	}
+
+	ctx := context.Background()
+	timeline, err := lp.Calculate(ctx, "upc.inf.cfi", "2026-01-15", lp.CalcOptions{}, cat, hc, cr)
+	if err != nil {
+		t.Fatalf("Calculate: %v", err)
+	}
+	if timeline == nil {
+		t.Fatal("Calculate returned nil timeline")
+	}
+	if timeline.ProceedingType != "upc.inf.cfi" {
+		t.Errorf("timeline.ProceedingType = %q, want upc.inf.cfi", timeline.ProceedingType)
+	}
+	if len(timeline.Deadlines) == 0 {
+		t.Error("timeline has zero deadlines — snapshot empty?")
+	}
+}
+
+// TestSnapshotHolidayCalendar smoke-tests the embedded calendar.
+// Pins core semantics: weekends are non-working; holidays at
+// matching country/regime are non-working; mismatches don't fire.
+func TestSnapshotHolidayCalendar(t *testing.T) {
+	hc, err := NewHolidayCalendar()
+	if err != nil {
+		t.Fatalf("NewHolidayCalendar: %v", err)
+	}
+
+	// 2026-01-03 is a Saturday — weekend, non-working regardless of
+	// country/regime.
+	sat := time.Date(2026, 1, 3, 0, 0, 0, 0, time.UTC)
+	if !hc.IsNonWorkingDay(sat, "DE", "UPC") {
+		t.Error("Saturday should be non-working")
+	}
+
+	// 2026-01-01 is Neujahr (DE closure) — non-working when country=DE.
+	newYear := time.Date(2026, 1, 1, 0, 0, 0, 0, time.UTC)
+	if !hc.IsNonWorkingDay(newYear, "DE", "UPC") {
+		t.Error("Neujahr should be non-working for DE")
+	}
+
+	// 2026-01-05 is a Monday — working (not in holidays, not weekend).
+	mon := time.Date(2026, 1, 5, 0, 0, 0, 0, time.UTC)
+	if hc.IsNonWorkingDay(mon, "DE", "UPC") {
+		t.Error("Monday 2026-01-05 should be working")
+	}
+
+	// AdjustForNonWorkingDays from a Saturday should land on Monday.
+	adj, _, was := hc.AdjustForNonWorkingDays(sat, "DE", "UPC")
+	if !was {
+		t.Error("expected adjustment for Saturday")
+	}
+	if adj.Weekday() != time.Monday {
+		t.Errorf("adjusted weekday = %v, want Monday", adj.Weekday())
+	}
+}
+
+// TestSnapshotCourtRegistry pins (country, regime) resolution.
+func TestSnapshotCourtRegistry(t *testing.T) {
+	cr, err := NewCourtRegistry()
+	if err != nil {
+		t.Fatalf("NewCourtRegistry: %v", err)
+	}
+
+	t.Run("empty courtID falls back to defaults", func(t *testing.T) {
+		c, r, err := cr.CountryRegime("", "DE", "UPC")
+		if err != nil {
+			t.Fatalf("CountryRegime: %v", err)
+		}
+		if c != "DE" || r != "UPC" {
+			t.Errorf("got (%q, %q), want (DE, UPC)", c, r)
+		}
+	})
+
+	t.Run("known UPC court resolves", func(t *testing.T) {
+		c, r, err := cr.CountryRegime("upc-ld-munich", "DE", "")
+		if err != nil {
+			t.Fatalf("CountryRegime: %v", err)
+		}
+		if c != "DE" || r != "UPC" {
+			t.Errorf("got (%q, %q), want (DE, UPC)", c, r)
+		}
+	})
+
+	t.Run("unknown court returns error", func(t *testing.T) {
+		_, _, err := cr.CountryRegime("not-a-court", "DE", "UPC")
+		if err == nil {
+			t.Error("expected error for unknown court")
+		}
+	})
+}

pkg/litigationplanner/embedded/upc/trigger_events.json

@@ -0,0 +1 @@
+[]

pkg/litigationplanner/engine.go

@@ -4,6 +4,7 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
+	"sort"
 	"time"
 
 	"github.com/google/uuid"
@@ -183,10 +184,27 @@ func Calculate(
 		return nil, fmt.Errorf("load trigger events for conditional labels: %w", err)
 	}
 
-	// Walk the rule list in sequence_order (already sorted by the
-	// catalog query) and compute each entry, keeping a code→date map so
-	// RelativeTo / parent_id references resolve to the adjusted
-	// predecessor date.
+	// Walk the rule list in TOPOLOGICAL order (parents before children),
+	// not the raw sequence_order order from the catalog. The catalog
+	// returns rules sorted by sequence_order, which is the chronological/
+	// display order. That order is parent-first for the common
+	// timing='after' case but parent-LAST for timing='before' children
+	// (e.g. upc.inf.cfi.translation_request at seq=45 vs its parent
+	// upc.inf.cfi.oral at seq=50 — m/paliad#135). Without topological
+	// ordering the parent-state checks below (courtSet[parent] /
+	// computed[parent_code]) read stale empty maps when a child appears
+	// before its parent, and the engine falls back to the trigger date
+	// → fabricates dates before the SoC.
+	//
+	// Original sequence_order is restored at the end of the walk so the
+	// wire shape and the timeline view's render order stay identical to
+	// the legacy behaviour modulo the bug fix.
+	sequenceIndex := make(map[uuid.UUID]int, len(rules))
+	for i, r := range rules {
+		sequenceIndex[r.ID] = i
+	}
+	walkRules := topoSortByParentDepth(rules)
+
 	computed := make(map[string]time.Time, len(rules))
 	courtSet := make(map[uuid.UUID]bool, len(rules))
 	deadlines := make([]TimelineEntry, 0, len(rules))
@@ -197,7 +215,7 @@ func Calculate(
 	hiddenCount := 0
 	appellantContext := make(map[uuid.UUID]string, len(rules))
 
-	for _, r := range rules {
+	for _, r := range walkRules {
 		// Phase-3 unified gate: evaluate condition_expr (jsonb).
 		// Suppression semantic preserved: when the gate fires false
 		// AND no alt_* values exist, the rule is dropped from the
@@ -249,6 +267,10 @@ func Calculate(
 			appellantContext[r.ID] = ctxVal
 		}
 
+		ruleTiming := ""
+		if r.Timing != nil {
+			ruleTiming = *r.Timing
+		}
 		d := TimelineEntry{
 			RuleID:           r.ID.String(),
 			Name:             r.Name,
@@ -258,6 +280,9 @@ func Calculate(
 			AppellantContext: ctxVal,
 			ChoicesOffered:   json.RawMessage(r.ChoicesOffered),
 			IsHidden:         isHidden,
+			DurationValue:    r.DurationValue,
+			DurationUnit:     r.DurationUnit,
+			Timing:           ruleTiming,
 		}
 		if r.SubmissionCode != nil {
 			d.Code = *r.SubmissionCode
@@ -547,6 +572,20 @@ func Calculate(
 		deadlines = append(deadlines, d)
 	}
 
+	// Restore sequence_order on the output slice. The compute walk
+	// re-ordered rules topologically (parent-first) so the parent-state
+	// checks resolved correctly; the wire shape and the linear timeline
+	// view both rely on sequence_order being the surface render order.
+	// (m/paliad#135)
+	sort.SliceStable(deadlines, func(i, j int) bool {
+		a, errA := uuid.Parse(deadlines[i].RuleID)
+		b, errB := uuid.Parse(deadlines[j].RuleID)
+		if errA != nil || errB != nil {
+			return false
+		}
+		return sequenceIndex[a] < sequenceIndex[b]
+	})
+
 	// t-paliad-296: within consecutive runs of rules sharing the same
 	// trigger group (parent_id + trigger_event_id), reorder by duration
 	// ascending so optional events following the same anchor render in
@@ -571,6 +610,21 @@ func Calculate(
 	if pickedProceeding.TriggerEventLabelEN != nil {
 		resp.TriggerEventLabelEN = *pickedProceeding.TriggerEventLabelEN
 	}
+	// t-paliad-301 / m/paliad#132 Bug B — appeal_target-driven trigger
+	// label. When the request narrows to a specific appeal target, the
+	// "Auslösendes Ereignis" label describes the underlying decision
+	// (Endentscheidung / Kostenentscheidung / Anordnung /
+	// Schadensbemessung / Bucheinsicht) rather than the appeal
+	// proceeding itself. Overrides the proceeding's own
+	// trigger_event_label set above.
+	if opts.AppealTarget != "" {
+		if de := TriggerEventLabelForAppealTarget(opts.AppealTarget, "de"); de != "" {
+			resp.TriggerEventLabel = de
+		}
+		if en := TriggerEventLabelForAppealTarget(opts.AppealTarget, "en"); en != "" {
+			resp.TriggerEventLabelEN = en
+		}
+	}
 	if hasSubTrackNote {
 		resp.ContextualNote = subTrackNote.NoteDE
 		resp.ContextualNoteEN = subTrackNote.NoteEN
@@ -656,6 +710,9 @@ func calculateByTriggerEvent(
 			OriginalDate:     original.Format("2006-01-02"),
 			WasAdjusted:      wasAdj,
 			AdjustmentReason: reason,
+			DurationValue:    r.DurationValue,
+			DurationUnit:     r.DurationUnit,
+			Timing:           timing,
 		}
 		if r.SubmissionCode != nil {
 			d.Code = *r.SubmissionCode
@@ -925,3 +982,60 @@ func AllFlagsSet(required []string, set map[string]struct{}) bool {
 func WireFlagsFromPriority(priority string) (isMandatory, isOptional bool) {
 	return wireFlagsFromPriority(priority)
 }
+
+// topoSortByParentDepth returns a copy of `rules` ordered so every rule
+// appears after its parent_id ancestor. Ties (rules at the same depth)
+// preserve their input order — which the catalog returns in
+// sequence_order. Used by Calculate to ensure the parent-state checks
+// (courtSet[parent], computed[parent_code]) see populated entries even
+// when sequence_order lists a "before"-timed child BEFORE its parent
+// (e.g. upc.inf.cfi.translation_request at seq=45 with parent
+// upc.inf.cfi.oral at seq=50 — m/paliad#135).
+//
+// Rules whose parent_id is missing from the rule slice (cross-tree
+// references that the per-proceeding filter dropped) are treated as
+// depth 0 — they walk in their original sequence position.
+//
+// The algorithm is depth-via-memoised-recursion. Cycle protection: a
+// rule chain that revisits a node is broken at depth 0; production
+// data shouldn't contain cycles, but a corrupted catalog mustn't hang
+// the calculator.
+func topoSortByParentDepth(rules []Rule) []Rule {
+	byID := make(map[uuid.UUID]Rule, len(rules))
+	inSlice := make(map[uuid.UUID]bool, len(rules))
+	for _, r := range rules {
+		byID[r.ID] = r
+		inSlice[r.ID] = true
+	}
+
+	depth := make(map[uuid.UUID]int, len(rules))
+	var resolve func(id uuid.UUID, seen map[uuid.UUID]bool) int
+	resolve = func(id uuid.UUID, seen map[uuid.UUID]bool) int {
+		if d, ok := depth[id]; ok {
+			return d
+		}
+		if seen[id] {
+			depth[id] = 0
+			return 0
+		}
+		seen[id] = true
+		r, ok := byID[id]
+		if !ok || r.ParentID == nil || !inSlice[*r.ParentID] {
+			depth[id] = 0
+			return 0
+		}
+		d := resolve(*r.ParentID, seen) + 1
+		depth[id] = d
+		return d
+	}
+	for _, r := range rules {
+		resolve(r.ID, map[uuid.UUID]bool{})
+	}
+
+	out := make([]Rule, len(rules))
+	copy(out, rules)
+	sort.SliceStable(out, func(i, j int) bool {
+		return depth[out[i].ID] < depth[out[j].ID]
+	})
+	return out
+}

pkg/litigationplanner/scenarios.go

@@ -0,0 +1,215 @@
+package litigationplanner
+
+import (
+	"context"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"time"
+
+	"github.com/google/uuid"
+)
+
+// Slice D scenarios — m/paliad#124 §5 (revised), mig 145.
+//
+// A Scenario is a named composition of existing proceedings + flags +
+// per-card choices + anchor dates. v1 ships with one primary proceeding
+// per scenario; the spec.proceedings[] array is architected to absorb
+// multi-peer compose (v2) without a schema migration.
+//
+// "users should not add their own rules" (m, t-paliad-301) — the spec
+// references existing rules by submission_code; it never creates new
+// ones. ValidateSpec checks every code/submission resolves against the
+// current catalog before a save is accepted.
+
+// Scenario is one row of paliad.scenarios. Wire shape doubles as the
+// API request/response payload for /api/scenarios.
+type Scenario struct {
+	ID          uuid.UUID  `db:"id"          json:"id"`
+	ProjectID   *uuid.UUID `db:"project_id"  json:"project_id,omitempty"`
+	Name        string     `db:"name"        json:"name"`
+	Description *string    `db:"description" json:"description,omitempty"`
+	// Spec carries the jsonb composition. Stored raw so we can ship
+	// shape evolutions without schema churn; ParseSpec gives the
+	// structured view.
+	Spec      NullableJSON `db:"spec"       json:"spec"`
+	CreatedBy *uuid.UUID   `db:"created_by" json:"created_by,omitempty"`
+	CreatedAt time.Time    `db:"created_at" json:"created_at"`
+	UpdatedAt time.Time    `db:"updated_at" json:"updated_at"`
+}
+
+// ScenarioSpec is the parsed view of Scenario.Spec. v1 = version 1.
+// Future shape changes bump the version; ParseSpec rejects unknown
+// versions so an old client doesn't silently misread a future-shape
+// scenario.
+type ScenarioSpec struct {
+	Version         int                 `json:"version"`
+	BaseTriggerDate string              `json:"base_trigger_date"`
+	Proceedings     []ScenarioProceeding `json:"proceedings"`
+}
+
+// ScenarioProceeding is one entry under spec.proceedings[]. v1 honours
+// exactly one with role="primary" (additional entries with role="peer"
+// are reserved for v2 multi-proceeding compose and silently ignored
+// by the engine today).
+type ScenarioProceeding struct {
+	Code                string                       `json:"code"`
+	Role                string                       `json:"role"` // "primary" | "peer" (v2)
+	TriggerDateOverride string                       `json:"trigger_date_override,omitempty"`
+	Flags               []string                     `json:"flags,omitempty"`
+	PerCardChoices      map[string]ScenarioCardChoice `json:"per_card_choices,omitempty"`
+	AnchorOverrides     map[string]string            `json:"anchor_overrides,omitempty"`
+	SkipRules           []string                     `json:"skip_rules,omitempty"`
+	AppealTarget        string                       `json:"appeal_target,omitempty"`
+}
+
+// ScenarioCardChoice is one entry under
+// spec.proceedings[*].per_card_choices. Mirrors the t-paliad-265 choice
+// kinds; not every kind is populated on every card.
+type ScenarioCardChoice struct {
+	Appellant  string `json:"appellant,omitempty"`
+	IncludeCCR *bool  `json:"include_ccr,omitempty"`
+	Skip       *bool  `json:"skip,omitempty"`
+}
+
+// Spec version constant.
+const ScenarioSpecVersion = 1
+
+// Sentinel errors for scenarios.
+var (
+	ErrUnknownScenario   = errors.New("unknown scenario")
+	ErrInvalidScenario   = errors.New("invalid scenario spec")
+	ErrScenarioNoPrimary = errors.New("scenario spec has no proceeding with role='primary'")
+)
+
+// ScenarioRole* are the canonical role slugs for ScenarioProceeding.Role.
+const (
+	ScenarioRolePrimary = "primary"
+	ScenarioRolePeer    = "peer"
+)
+
+// ParseSpec decodes Scenario.Spec into a structured ScenarioSpec. Used
+// by the engine adapter + the rule-editor preview. Surfaces a friendly
+// error wrapping ErrInvalidScenario on malformed JSON / unknown version
+// so the handler can map to a 400.
+func ParseSpec(raw NullableJSON) (*ScenarioSpec, error) {
+	if len(raw) == 0 {
+		return nil, fmt.Errorf("%w: spec is empty", ErrInvalidScenario)
+	}
+	var s ScenarioSpec
+	if err := json.Unmarshal([]byte(raw), &s); err != nil {
+		return nil, fmt.Errorf("%w: decode spec: %v", ErrInvalidScenario, err)
+	}
+	if s.Version != ScenarioSpecVersion {
+		return nil, fmt.Errorf("%w: spec.version=%d, want %d",
+			ErrInvalidScenario, s.Version, ScenarioSpecVersion)
+	}
+	return &s, nil
+}
+
+// PrimaryProceeding returns the entry from spec.proceedings[] with
+// role="primary". Returns ErrScenarioNoPrimary if absent — every spec
+// must carry exactly one primary entry. (Multiple primaries are also
+// rejected: the engine consumes one.)
+func (s *ScenarioSpec) PrimaryProceeding() (*ScenarioProceeding, error) {
+	var primary *ScenarioProceeding
+	for i := range s.Proceedings {
+		if s.Proceedings[i].Role == ScenarioRolePrimary {
+			if primary != nil {
+				return nil, fmt.Errorf("%w: multiple proceedings with role='primary'", ErrInvalidScenario)
+			}
+			primary = &s.Proceedings[i]
+		}
+	}
+	if primary == nil {
+		return nil, ErrScenarioNoPrimary
+	}
+	return primary, nil
+}
+
+// CalcOptionsFromSpec builds a CalcOptions from the scenario's primary
+// entry. The caller still needs the proceeding code + the trigger date,
+// both returned alongside.
+//
+// v1: only the primary entry is honoured. v2 will iterate over peer
+// entries; the multi-peer merge lives in the paliad-side
+// ProjectionService (one Calculate call per entry, merged + sorted by
+// date).
+func (s *ScenarioSpec) CalcOptionsFromSpec() (proceedingCode, triggerDate string, opts CalcOptions, err error) {
+	primary, err := s.PrimaryProceeding()
+	if err != nil {
+		return "", "", CalcOptions{}, err
+	}
+	td := s.BaseTriggerDate
+	if primary.TriggerDateOverride != "" {
+		td = primary.TriggerDateOverride
+	}
+	if td == "" {
+		return "", "", CalcOptions{}, fmt.Errorf("%w: no base_trigger_date and no per-proceeding override", ErrInvalidScenario)
+	}
+
+	perCardAppellant := make(map[string]string, len(primary.PerCardChoices))
+	skipRules := make(map[string]struct{}, len(primary.SkipRules))
+	includeCCRFor := make(map[string]struct{}, len(primary.PerCardChoices))
+	for code, choice := range primary.PerCardChoices {
+		if choice.Appellant != "" {
+			perCardAppellant[code] = choice.Appellant
+		}
+		if choice.IncludeCCR != nil && *choice.IncludeCCR {
+			includeCCRFor[code] = struct{}{}
+		}
+		if choice.Skip != nil && *choice.Skip {
+			skipRules[code] = struct{}{}
+		}
+	}
+	for _, code := range primary.SkipRules {
+		skipRules[code] = struct{}{}
+	}
+
+	return primary.Code, td, CalcOptions{
+		Flags:            primary.Flags,
+		AnchorOverrides:  primary.AnchorOverrides,
+		AppealTarget:     primary.AppealTarget,
+		PerCardAppellant: perCardAppellant,
+		SkipRules:        skipRules,
+		IncludeCCRFor:    includeCCRFor,
+	}, nil
+}
+
+// ScenarioFilter narrows Catalog.LoadScenarios. All fields optional:
+//
+//   - ProjectID non-nil: only scenarios attached to that project
+//     (project_id = filter.ProjectID).
+//   - AbstractForUser non-nil: only abstract scenarios (project_id IS
+//     NULL) created by that user.
+//   - Both nil: list every scenario the caller can see (RLS-gated).
+type ScenarioFilter struct {
+	ProjectID       *uuid.UUID
+	AbstractForUser *uuid.UUID
+}
+
+// CalculateFromScenario is the high-level engine entry for scenario-
+// driven rendering. Unpacks the spec, builds CalcOptions, and delegates
+// to Calculate.
+//
+// v1: surfaces only the primary proceeding's timeline. v2 multi-peer
+// expansion lives on the paliad-side ProjectionService (per-entry
+// Calculate + client-side merge); the package doesn't own that
+// orchestration.
+func CalculateFromScenario(
+	ctx context.Context,
+	scenario *Scenario,
+	catalog Catalog,
+	holidays HolidayCalendar,
+	courts CourtRegistry,
+) (*Timeline, error) {
+	spec, err := ParseSpec(scenario.Spec)
+	if err != nil {
+		return nil, err
+	}
+	code, triggerDate, opts, err := spec.CalcOptionsFromSpec()
+	if err != nil {
+		return nil, err
+	}
+	return Calculate(ctx, code, triggerDate, opts, catalog, holidays, courts)
+}

pkg/litigationplanner/scenarios_test.go

@@ -0,0 +1,207 @@
+package litigationplanner
+
+import (
+	"strings"
+	"testing"
+)
+
+// TestParseSpec_Roundtrip pins the spec-decoder contract: well-formed
+// jsonb with version=1 parses; unknown versions and malformed JSON
+// surface ErrInvalidScenario.
+func TestParseSpec_Roundtrip(t *testing.T) {
+	cases := []struct {
+		name    string
+		spec    string
+		wantErr bool
+	}{
+		{
+			"v1 primary-only",
+			`{"version":1,"base_trigger_date":"2026-05-26","proceedings":[{"code":"upc.inf.cfi","role":"primary"}]}`,
+			false,
+		},
+		{
+			"v1 with full primary entry",
+			`{"version":1,"base_trigger_date":"2026-05-26","proceedings":[
+				{"code":"upc.inf.cfi","role":"primary","flags":["with_ccr"],
+				 "anchor_overrides":{"inf.reply":"2026-08-15"},
+				 "skip_rules":["inf.r30_amend"]}
+			 ]}`,
+			false,
+		},
+		{
+			"v2 spec rejected — unknown version",
+			`{"version":2,"proceedings":[]}`,
+			true,
+		},
+		{
+			"empty spec",
+			``,
+			true,
+		},
+		{
+			"malformed json",
+			`{"version":1,"proceedings":[}`,
+			true,
+		},
+	}
+	for _, c := range cases {
+		t.Run(c.name, func(t *testing.T) {
+			_, err := ParseSpec(NullableJSON(c.spec))
+			if c.wantErr && err == nil {
+				t.Errorf("ParseSpec(%s): want error, got nil", c.spec)
+			}
+			if !c.wantErr && err != nil {
+				t.Errorf("ParseSpec(%s): unexpected error %v", c.spec, err)
+			}
+		})
+	}
+}
+
+// TestScenarioSpec_PrimaryProceeding pins the "exactly one primary"
+// invariant: zero → ErrScenarioNoPrimary; multiple → ErrInvalidScenario.
+func TestScenarioSpec_PrimaryProceeding(t *testing.T) {
+	t.Run("zero primary → ErrScenarioNoPrimary", func(t *testing.T) {
+		s := &ScenarioSpec{
+			Version: 1,
+			Proceedings: []ScenarioProceeding{
+				{Code: "upc.inf.cfi", Role: ScenarioRolePeer},
+			},
+		}
+		_, err := s.PrimaryProceeding()
+		if err != ErrScenarioNoPrimary {
+			t.Errorf("want ErrScenarioNoPrimary, got %v", err)
+		}
+	})
+
+	t.Run("two primaries rejected", func(t *testing.T) {
+		s := &ScenarioSpec{
+			Version: 1,
+			Proceedings: []ScenarioProceeding{
+				{Code: "upc.inf.cfi", Role: ScenarioRolePrimary},
+				{Code: "upc.rev.cfi", Role: ScenarioRolePrimary},
+			},
+		}
+		_, err := s.PrimaryProceeding()
+		if err == nil || !strings.Contains(err.Error(), "multiple proceedings with role='primary'") {
+			t.Errorf("want multi-primary error, got %v", err)
+		}
+	})
+
+	t.Run("single primary picked", func(t *testing.T) {
+		s := &ScenarioSpec{
+			Version: 1,
+			Proceedings: []ScenarioProceeding{
+				{Code: "upc.inf.cfi", Role: ScenarioRolePeer},
+				{Code: "upc.rev.cfi", Role: ScenarioRolePrimary, Flags: []string{"with_amend"}},
+			},
+		}
+		p, err := s.PrimaryProceeding()
+		if err != nil {
+			t.Fatalf("PrimaryProceeding: %v", err)
+		}
+		if p.Code != "upc.rev.cfi" {
+			t.Errorf("primary code = %q, want upc.rev.cfi", p.Code)
+		}
+		if len(p.Flags) != 1 || p.Flags[0] != "with_amend" {
+			t.Errorf("primary.Flags = %v, want [with_amend]", p.Flags)
+		}
+	})
+}
+
+// TestScenarioSpec_CalcOptionsFromSpec covers the unpack from spec
+// jsonb into the CalcOptions the engine consumes. Pins:
+//   - base_trigger_date used when no per-proceeding override
+//   - trigger_date_override wins when set
+//   - flags + anchor_overrides + appeal_target passed through verbatim
+//   - per_card_choices unpacked into PerCardAppellant / SkipRules /
+//     IncludeCCRFor maps
+func TestScenarioSpec_CalcOptionsFromSpec(t *testing.T) {
+	includeTrue := true
+	skipTrue := true
+	s := &ScenarioSpec{
+		Version:         1,
+		BaseTriggerDate: "2026-05-26",
+		Proceedings: []ScenarioProceeding{{
+			Code:                "upc.inf.cfi",
+			Role:                ScenarioRolePrimary,
+			Flags:               []string{"with_ccr"},
+			AnchorOverrides:     map[string]string{"inf.reply": "2026-08-15"},
+			AppealTarget:        "endentscheidung",
+			SkipRules:           []string{"explicit_skip_code"},
+			PerCardChoices: map[string]ScenarioCardChoice{
+				"inf.r30_amend":   {Appellant: "claimant"},
+				"inf.rejoin":      {IncludeCCR: &includeTrue},
+				"inf.amend_other": {Skip: &skipTrue},
+			},
+		}},
+	}
+	code, td, opts, err := s.CalcOptionsFromSpec()
+	if err != nil {
+		t.Fatalf("CalcOptionsFromSpec: %v", err)
+	}
+	if code != "upc.inf.cfi" {
+		t.Errorf("code = %q, want upc.inf.cfi", code)
+	}
+	if td != "2026-05-26" {
+		t.Errorf("triggerDate = %q, want 2026-05-26", td)
+	}
+	if len(opts.Flags) != 1 || opts.Flags[0] != "with_ccr" {
+		t.Errorf("opts.Flags = %v, want [with_ccr]", opts.Flags)
+	}
+	if opts.AppealTarget != "endentscheidung" {
+		t.Errorf("opts.AppealTarget = %q, want endentscheidung", opts.AppealTarget)
+	}
+	if got := opts.AnchorOverrides["inf.reply"]; got != "2026-08-15" {
+		t.Errorf("opts.AnchorOverrides[inf.reply] = %q, want 2026-08-15", got)
+	}
+	if got := opts.PerCardAppellant["inf.r30_amend"]; got != "claimant" {
+		t.Errorf("opts.PerCardAppellant[inf.r30_amend] = %q, want claimant", got)
+	}
+	if _, ok := opts.IncludeCCRFor["inf.rejoin"]; !ok {
+		t.Error("opts.IncludeCCRFor missing inf.rejoin")
+	}
+	if _, ok := opts.SkipRules["inf.amend_other"]; !ok {
+		t.Error("opts.SkipRules missing inf.amend_other (from per_card_choices.skip)")
+	}
+	if _, ok := opts.SkipRules["explicit_skip_code"]; !ok {
+		t.Error("opts.SkipRules missing explicit_skip_code (from skip_rules[])")
+	}
+}
+
+// TestScenarioSpec_TriggerDateOverride pins the per-proceeding override
+// path (v2-ready — primary entry honours trigger_date_override too).
+func TestScenarioSpec_TriggerDateOverride(t *testing.T) {
+	s := &ScenarioSpec{
+		Version:         1,
+		BaseTriggerDate: "2026-05-26",
+		Proceedings: []ScenarioProceeding{{
+			Code:                "upc.inf.cfi",
+			Role:                ScenarioRolePrimary,
+			TriggerDateOverride: "2026-12-01",
+		}},
+	}
+	_, td, _, err := s.CalcOptionsFromSpec()
+	if err != nil {
+		t.Fatalf("CalcOptionsFromSpec: %v", err)
+	}
+	if td != "2026-12-01" {
+		t.Errorf("triggerDate = %q, want override 2026-12-01", td)
+	}
+}
+
+// TestScenarioSpec_NoBaseTrigger pins the safety check that a spec
+// without base_trigger_date AND without per-proceeding override
+// surfaces ErrInvalidScenario (the engine can't render without a date).
+func TestScenarioSpec_NoBaseTrigger(t *testing.T) {
+	s := &ScenarioSpec{
+		Version: 1,
+		Proceedings: []ScenarioProceeding{{
+			Code: "upc.inf.cfi",
+			Role: ScenarioRolePrimary,
+		}},
+	}
+	_, _, _, err := s.CalcOptionsFromSpec()
+	if err == nil {
+		t.Fatal("want ErrInvalidScenario, got nil")
+	}
+}

pkg/litigationplanner/types.go

@@ -185,6 +185,65 @@ type ProceedingType struct {
 	// — today the unified upc.apl row has this NULL (per-rule targets
 	// live on Rule.AppliesToTarget).
 	AppealTarget *string `db:"appeal_target" json:"appeal_target,omitempty"`
+
+	// Role label overrides (t-paliad-301 / m/paliad#132, mig 137).
+	// NULL = renderer falls back to the language-default labels
+	// ("Klägerseite" / "Beklagtenseite" / "Claimant side" / "Defendant side").
+	// Set on proceedings where the role-naming diverges from the
+	// claimant/defendant default (Appeal → Berufungskläger /
+	// Berufungsbeklagter; Revocation → Antragsteller /
+	// Antragsgegner Nichtigkeit; EPA Opposition → Einsprechende(r) /
+	// Patentinhaber(in)).
+	RoleProactiveLabelDE *string `db:"role_proactive_label_de" json:"role_proactive_label_de,omitempty"`
+	RoleProactiveLabelEN *string `db:"role_proactive_label_en" json:"role_proactive_label_en,omitempty"`
+	RoleReactiveLabelDE  *string `db:"role_reactive_label_de"  json:"role_reactive_label_de,omitempty"`
+	RoleReactiveLabelEN  *string `db:"role_reactive_label_en"  json:"role_reactive_label_en,omitempty"`
+}
+
+// TriggerEventLabelForAppealTarget returns the per-target
+// "Auslösendes Ereignis" label for the unified UPC Berufung
+// proceeding (t-paliad-301 / m/paliad#132 Bug B). The trigger event
+// for an appeal is the underlying decision, not the appeal
+// proceeding itself — these labels override the proceeding's own
+// trigger_event_label when appeal_target is set.
+//
+// lang ∈ {"de", "en"}; any other value falls through to "de" so the
+// caller never gets an empty string.
+//
+// Returns empty when target is empty / unknown (caller must fall
+// back to the proceeding's own trigger_event_label).
+func TriggerEventLabelForAppealTarget(target, lang string) string {
+	if lang != "en" {
+		lang = "de"
+	}
+	switch target {
+	case AppealTargetEndentscheidung:
+		if lang == "en" {
+			return "Final decision (R.118)"
+		}
+		return "Endentscheidung (R.118)"
+	case AppealTargetKostenentscheidung:
+		if lang == "en" {
+			return "Cost decision"
+		}
+		return "Kostenentscheidung"
+	case AppealTargetAnordnung:
+		if lang == "en" {
+			return "Order"
+		}
+		return "Anordnung"
+	case AppealTargetSchadensbemessung:
+		if lang == "en" {
+			return "Damages-assessment decision"
+		}
+		return "Entscheidung im Schadensbemessungsverfahren"
+	case AppealTargetBucheinsicht:
+		if lang == "en" {
+			return "Book-inspection order"
+		}
+		return "Anordnung der Bucheinsicht"
+	}
+	return ""
 }
 
 // AdjustmentReason describes why a date was rolled forward / backward
@@ -371,6 +430,17 @@ type TimelineEntry struct {
 	ChoicesOffered   json.RawMessage   `json:"choicesOffered,omitempty"`
 	AppellantContext string            `json:"appellantContext,omitempty"`
 	IsHidden         bool              `json:"isHidden,omitempty"`
+	// DurationValue / DurationUnit / Timing surface the rule's
+	// arithmetic so /tools/verfahrensablauf can show "2 Mo. nach" on
+	// each event card (m/paliad#133, t-paliad-302). Source values from
+	// the Rule row (not the post-alt-swap arithmetic) — the tooltip
+	// reads as a property of the rule, not a recap of which branch
+	// fired. Zero-duration rules (root event, court-set) emit
+	// DurationValue=0 and the frontend suppresses the affordance.
+	// Timing is "before" | "after" — empty when r.Timing is NULL.
+	DurationValue int    `json:"durationValue,omitempty"`
+	DurationUnit  string `json:"durationUnit,omitempty"`
+	Timing        string `json:"timing,omitempty"`
 }
 
 // RuleCalculation is the single-rule calc response that backs the